Overview

overview

10

Static

static

7

Pass_1234_Setup.rar

windows7-x64

3

Pass_1234_Setup.rar

windows10-2004-x64

3

Setup.exe

windows7-x64

10

Setup.exe

windows10-2004-x64

10

langs/Croatian.ini

windows7-x64

1

langs/Croatian.ini

windows10-2004-x64

1

langs/Danish.ini

windows7-x64

1

langs/Danish.ini

windows10-2004-x64

1

langs/English.ini

windows7-x64

1

langs/English.ini

windows10-2004-x64

1

langs/Finnish.ini

windows7-x64

1

langs/Finnish.ini

windows10-2004-x64

1

langs/Hebrew.ini

windows7-x64

1

langs/Hebrew.ini

windows10-2004-x64

1

langs/Hungarian.ps1

windows7-x64

1

langs/Hungarian.ps1

windows10-2004-x64

1

langs/Indonesian.ini

windows7-x64

1

langs/Indonesian.ini

windows10-2004-x64

1

langs/Japanese.ini

windows7-x64

1

langs/Japanese.ini

windows10-2004-x64

langs/Kazakh.ini

windows7-x64

1

langs/Kazakh.ini

windows10-2004-x64

1

langs/Korean.ps1

windows7-x64

1

langs/Korean.ps1

windows10-2004-x64

1

langs/Kurdish.ini

windows7-x64

1

langs/Kurdish.ini

windows10-2004-x64

1

langs/Norwegian.ini

windows7-x64

1

langs/Norwegian.ini

windows10-2004-x64

1

langs/SimpChinese.ini

windows7-x64

1

langs/SimpChinese.ini

windows10-2004-x64

1

langs/Sinhala.ini

windows7-x64

1

langs/Sinhala.ini

windows10-2004-x64

1

Analysis

  • max time kernel
    200s
  • max time network
    234s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-11-2022 20:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    langs/Finnish.ini

  • Size

    106KB

  • MD5

    09abf1d7277a388b362c7c94012c9655

  • SHA1

    85b3a52814c0a4bc9b0c39550e920340f4fb2ac2

  • SHA256

    eb6cd045c3899f7ca4a7ecd4e8211478720206b3e607ab21c22e164f4c684510

  • SHA512

    c531f18b5516a5cd32733bd2c00be746d580805a1178971ac57316befcdd0216e906e2283690157c622f217743a10d09e1e78b82558301a95aeb80f2278d4cb0

  • SSDEEP

    1536:+0X4yMypD2b6/lXRYpc1maOK+RJh5enKT2e2ULv387G:fMyYL5/fgG2e2UL4G

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\langs\Finnish.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:4020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads