Overview
overview
10Static
static
Contract.lnk
windows7-x64
3Contract.lnk
windows10-2004-x64
3unbelt/bri...rly.js
windows7-x64
3unbelt/bri...rly.js
windows10-2004-x64
1unbelt/hotheaded.dll
windows7-x64
10unbelt/hotheaded.dll
windows10-2004-x64
10unbelt/unm...la.cmd
windows7-x64
1unbelt/unm...la.cmd
windows10-2004-x64
1Analysis
-
max time kernel
42s -
max time network
45s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system -
submitted
24-09-2022 03:42
Static task
static1
Behavioral task
behavioral1
Sample
Contract.lnk
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Contract.lnk
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
unbelt/bridgetownPopularly.js
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
unbelt/bridgetownPopularly.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
unbelt/hotheaded.dll
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
unbelt/hotheaded.dll
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
unbelt/unmelodiouslySheila.cmd
Resource
win7-20220901-en
Behavioral task
behavioral8
Sample
unbelt/unmelodiouslySheila.cmd
Resource
win10v2004-20220812-en
General
-
Target
Contract.lnk
-
Size
1KB
-
MD5
5100d6d3a1687599725094b3e5c06274
-
SHA1
42cd1580631979d0d1cd173f2519b92aa3538877
-
SHA256
4b443b68dcf295de405fae9fda1b830e00fbf34f61cdcda49ba4b6b8a3750780
-
SHA512
7fadb66a4588eeed1556c98c77b376c225502e490f6856524ec375c33f072376685fe6e7bb21edd8c563fdc9c46031f313aef87ec2f9de46c00c55e132bc8146
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.