Resubmissions

02-10-2022 15:25

221002-stk51adhdn 10

30-09-2022 13:52

220930-q6sdqsdga9 10

Analysis

  • max time kernel
    105s
  • max time network
    129s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    02-10-2022 15:25

General

  • Target

    cadets/obtaining.txt

  • Size

    162KB

  • MD5

    243d3e3702033ad37f46d10121a45cfe

  • SHA1

    ea281a5056787e23b4559a24344f50ae7b32ca30

  • SHA256

    50a58c8736d08dbef76d1ca22761a3ccadd9250c75ccf0235ea4b854ed467045

  • SHA512

    28b4e88bd1aa8c594edb4b4a437f886c046241a4780ab922a8c406d743656970d5dd724bcfd6312bb7e003f6de9854a6e1da191f956bdff6e7def6127f026c83

  • SSDEEP

    3072:DZOrwZw3ztSBBTSBgSnwCtQu/1ZOK1ZOAjOj/tQTj/tQtH51ZOebZO04SJASoHHh:D8wZwxS/TSCSnwCOo3EOnOtHjdGSmSoh

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) ⋅ 1 IoCs

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\cadets\obtaining.txt
    Opens file in notepad (likely ransom note)
    PID:3404

Network

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation
