98761de8cb4e91079b0c34a1e5558dba347d976fc0ab0250a9f66ad706a93db9

Resubmissions

02-10-2022 15:25

30-09-2022 13:52

max time kernel
112s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
02-10-2022 15:25

Target

cadets/oiliness.txt
Size

170KB
MD5

e4ae734495ad84dd9c71df1e7d343583
SHA1

98eebec1763de7b5ce9c6d8a8612f41d7d517b5e
SHA256

8fb2d6f268d52a89dde667c606349e8b3ba2fa9b544534a62a6cd8e62c098550
SHA512

726cb790cfccfbbba36c19ff51d4c1ca4bee94d744a97637d0b86e594223b36b3a7114f0e2676022961c98f688ede43d171957ecd1fa0ff19e372d461a63bd09
SSDEEP

3072:+b1lYwB5CjlDyhag0lPBZNQw6XmhS3NlDcNFy6xbqxnWulPBAUDBXypj3NlDRlma:+bTB0jlDBgABZGnmhKlDcXnb4WWBAUD0

Score

1^/10

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

1692 NOTEPAD.EXE

pid	process
1692	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\cadets\oiliness.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:1692