Overview
overview
10Static
static
7Pass_1234_Setup.rar
windows7-x64
3Pass_1234_Setup.rar
windows10-2004-x64
3Setup.exe
windows7-x64
10Setup.exe
windows10-2004-x64
10langs/Croatian.ini
windows7-x64
1langs/Croatian.ini
windows10-2004-x64
1langs/Danish.ini
windows7-x64
1langs/Danish.ini
windows10-2004-x64
1langs/English.ini
windows7-x64
1langs/English.ini
windows10-2004-x64
1langs/Finnish.ini
windows7-x64
1langs/Finnish.ini
windows10-2004-x64
1langs/Hebrew.ini
windows7-x64
1langs/Hebrew.ini
windows10-2004-x64
1langs/Hungarian.ps1
windows7-x64
1langs/Hungarian.ps1
windows10-2004-x64
1langs/Indonesian.ini
windows7-x64
1langs/Indonesian.ini
windows10-2004-x64
1langs/Japanese.ini
windows7-x64
1langs/Japanese.ini
windows10-2004-x64
langs/Kazakh.ini
windows7-x64
1langs/Kazakh.ini
windows10-2004-x64
1langs/Korean.ps1
windows7-x64
1langs/Korean.ps1
windows10-2004-x64
1langs/Kurdish.ini
windows7-x64
1langs/Kurdish.ini
windows10-2004-x64
1langs/Norwegian.ini
windows7-x64
1langs/Norwegian.ini
windows10-2004-x64
1langs/SimpChinese.ini
windows7-x64
1langs/SimpChinese.ini
windows10-2004-x64
1langs/Sinhala.ini
windows7-x64
1langs/Sinhala.ini
windows10-2004-x64
1Analysis
-
max time kernel
200s -
max time network
234s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system -
submitted
19-11-2022 20:43
Behavioral task
behavioral1
Sample
Pass_1234_Setup.rar
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
Pass_1234_Setup.rar
Resource
win10v2004-20221111-en
Behavioral task
behavioral3
Sample
Setup.exe
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
Setup.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral5
Sample
langs/Croatian.ini
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
langs/Croatian.ini
Resource
win10v2004-20220901-en
Behavioral task
behavioral7
Sample
langs/Danish.ini
Resource
win7-20220812-en
Behavioral task
behavioral8
Sample
langs/Danish.ini
Resource
win10v2004-20221111-en
Behavioral task
behavioral9
Sample
langs/English.ini
Resource
win7-20221111-en
Behavioral task
behavioral10
Sample
langs/English.ini
Resource
win10v2004-20220812-en
Behavioral task
behavioral11
Sample
langs/Finnish.ini
Resource
win7-20221111-en
Behavioral task
behavioral12
Sample
langs/Finnish.ini
Resource
win10v2004-20221111-en
Behavioral task
behavioral13
Sample
langs/Hebrew.ini
Resource
win7-20220812-en
Behavioral task
behavioral14
Sample
langs/Hebrew.ini
Resource
win10v2004-20220901-en
Behavioral task
behavioral15
Sample
langs/Hungarian.ps1
Resource
win7-20221111-en
Behavioral task
behavioral16
Sample
langs/Hungarian.ps1
Resource
win10v2004-20220812-en
Behavioral task
behavioral17
Sample
langs/Indonesian.ini
Resource
win7-20221111-en
Behavioral task
behavioral18
Sample
langs/Indonesian.ini
Resource
win10v2004-20220812-en
Behavioral task
behavioral19
Sample
langs/Japanese.ini
Resource
win7-20221111-en
Behavioral task
behavioral20
Sample
langs/Japanese.ini
Resource
win10v2004-20221111-en
Behavioral task
behavioral21
Sample
langs/Kazakh.ini
Resource
win7-20220812-en
Behavioral task
behavioral22
Sample
langs/Kazakh.ini
Resource
win10v2004-20220901-en
Behavioral task
behavioral23
Sample
langs/Korean.ps1
Resource
win7-20221111-en
Behavioral task
behavioral24
Sample
langs/Korean.ps1
Resource
win10v2004-20220812-en
Behavioral task
behavioral25
Sample
langs/Kurdish.ini
Resource
win7-20221111-en
Behavioral task
behavioral26
Sample
langs/Kurdish.ini
Resource
win10v2004-20221111-en
Behavioral task
behavioral27
Sample
langs/Norwegian.ini
Resource
win7-20220812-en
Behavioral task
behavioral28
Sample
langs/Norwegian.ini
Resource
win10v2004-20221111-en
Behavioral task
behavioral29
Sample
langs/SimpChinese.ini
Resource
win7-20220901-en
Behavioral task
behavioral30
Sample
langs/SimpChinese.ini
Resource
win10v2004-20220812-en
Behavioral task
behavioral31
Sample
langs/Sinhala.ini
Resource
win7-20221111-en
Behavioral task
behavioral32
Sample
langs/Sinhala.ini
Resource
win10v2004-20221111-en
General
-
Target
langs/Finnish.ini
-
Size
106KB
-
MD5
09abf1d7277a388b362c7c94012c9655
-
SHA1
85b3a52814c0a4bc9b0c39550e920340f4fb2ac2
-
SHA256
eb6cd045c3899f7ca4a7ecd4e8211478720206b3e607ab21c22e164f4c684510
-
SHA512
c531f18b5516a5cd32733bd2c00be746d580805a1178971ac57316befcdd0216e906e2283690157c622f217743a10d09e1e78b82558301a95aeb80f2278d4cb0
-
SSDEEP
1536:+0X4yMypD2b6/lXRYpc1maOK+RJh5enKT2e2ULv387G:fMyYL5/fgG2e2UL4G
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 4020 NOTEPAD.EXE