Overview

overview

10

Static

static

Cancellation#9860.iso

windows10-2004-x64

3

Cancellation.lnk

windows10-2004-x64

10

inexhausti...ed.cmd

windows10-2004-x64

1

inexhausti...rt.dll

windows10-2004-x64

10

inexhausti...nd.txt

windows10-2004-x64

1

inexhausti...ee.txt

windows10-2004-x64

1

inexhausti...ss.jpg

windows10-2004-x64

3

Resubmissions

26/10/2022, 21:55

221026-1stprahccq 10

26/10/2022, 21:52

221026-1rkepahcb5 10

Analysis

  • max time kernel
    60s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/10/2022, 21:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    inexhaustive/tutee.txt

  • Size

    281KB

  • MD5

    e131110f0aa9bc4339beb8d6e7a44e68

  • SHA1

    20f4230b1d0ad36b5eee37f5087d5cba2c62351e

  • SHA256

    cbca00ba9cb9342bca43d39ce121852e4bcdadc9d8085582c3c961fbefb23dac

  • SHA512

    aaae658739c4b867f1d028aa4b27837f0d25c4bd709c0b4c0f8f620b1286eebe6a3d63387f35fd2ace460c57c1d0c59ca8709e1258565e8fcc89db00074803f0

  • SSDEEP

    6144:+bVGX0w4O+UXNVlD0C3iW5hWXJhbp3NhbVdEXNYLXplD2bsytWkGMxvlDZMbPoah:8wmCdhZtZQem

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\inexhaustive\tutee.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:4100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads