2569392ca5aeb3de4dd45280021dc7be1b3aa7dbdd32006b28c9357f58a7cf75

Analysis

max time kernel
41s
max time network
44s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
21-11-2022 15:39

Target

debunked/intrepid.txt
Size

92KB
MD5

dcbdab48c170abf8db49869f38c45081
SHA1

53f466efd20e4ffa75a180b78f49629541c69942
SHA256

ec4e433ff0df119741cfbc4a80535ebbadc0429e86982ab1f662aa327856ffa2
SHA512

86b0a8cf687740e54ad53d387e60e071e575c3fa8a5c9a59330332a51caf596a33ef447785d3af9fbd78a807466f42ce1732f2afb62b098ee78930440b5e22a1
SSDEEP

1536:QGQcW1ZOVIcevj/tQlc1ZOVWHo/rzcROcbcXW1ZOVab0OW1ZOVX:QzV1ZOCj/tQO1ZOcHQCcm1ZO20f1ZOd

Score

1^/10

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

1044 NOTEPAD.EXE

pid	process
1044	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\debunked\intrepid.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:1044

memory/1044-54-0x000007FEFB821000-0x000007FEFB823000-memory.dmp

Filesize
8KB

Download