2b3822269329b2550ec617fec842a2b0a74c47c7cbe858eddfefe56fcfd4a015 | Triage

Analysis

max time kernel
38s
max time network
41s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
10/10/2022, 13:07

Sharing

Report Analysis Logs

General

Target

7769/immigration.txt
Size

51KB
MD5

365e1d25cd901a7da9e790f79d0a7d8f
SHA1

c8bd750c6865754e79513fb70606c6dd6068aab4
SHA256

d866ed08f5d53ff0bf3e9e8928b92f278b3a098156a3976228719a687f905190
SHA512

cd908598e7b634b0f2d8d417ebc83e983a055286da1c62bcd6e6a7dde9108bf8d90098db47839d513d7f4c37ccbb3ffbd4140f14364704356c35b110918893f6
SSDEEP

768:DSh5Q7xIMxvShBxviUdxIjp6ZohKxvi+iIIV/BM1My3lG:s2xKxvOGfxvNuBOMH

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs

pid	Process
784	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\7769\immigration.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:784

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/784-54-0x000007FEFB871000-0x000007FEFB873000-memory.dmp

Filesize
8KB

Download