Overview

overview

3

Static

static

Invoice_51...DF.iso

windows7-x64

3

Invoice_51...DF.iso

windows10-2004-x64

3

documents.lnk

windows7-x64

3

documents.lnk

windows10-2004-x64

3

refreshene...al.dll

windows7-x64

3

refreshene...al.dll

windows10-2004-x64

1

refreshene...le.vbs

windows7-x64

3

refreshene...le.vbs

windows10-2004-x64

1

refreshene...ss.txt

windows7-x64

1

refreshene...ss.txt

windows10-2004-x64

1

refreshene...us.cmd

windows7-x64

1

refreshene...us.cmd

windows10-2004-x64

1

Resubmissions

04-10-2022 07:33

221004-jdj4bshec6 10

04-10-2022 07:27

221004-h97ntshcg8 3

Analysis

  • max time kernel
    153s
  • max time network
    178s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-10-2022 07:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    refresheners/riskless.txt

  • Size

    289KB

  • MD5

    8ca8d26ed12363e8a7a2547c3d3c6b73

  • SHA1

    57b4fd722be63aa24f536026676abeafd90f928c

  • SHA256

    4a69cbe065615db446031baf423d9493f5e828e516c594608bbab0361b8dbac5

  • SHA512

    009259b0c6c0c9e4306d53679d8009d9a1105aba02e76b0491e42c9f099ab7d8ac7b2387502fe482be5f57f3faa777423a30a497b6e7a7cdff41c072a70d04f6

  • SSDEEP

    3072:D6claxkye2I0OYh5h3NlKlkMUkHC3R3hkayhdT:D6Eaxkye2qYv9DKlkaHC3tiNd

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\refresheners\riskless.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads