Overview
overview: 10
Static
static
IG-152WP.iso (windows10-2004-x64): 3
WP.vbs (windows10-2004-x64): 10
header (windows10-2004-x64): 1
metaphysic/alas.vbs (windows10-2004-x64): 7
metaphysic/choked.txt (windows10-2004-x64): 1
metaphysic...ts.gif (windows10-2004-x64): 1
metaphysic...es.ps1 (windows10-2004-x64): 1
metaphysic/preyed.txt (windows10-2004-x64): 1
metaphysic/readme.txt (windows10-2004-x64): 1
metaphysic...rs.jpg (windows10-2004-x64): 3
metaphysic...te.png (windows10-2004-x64): 3
Analysis
max time kernel: 364s
max time network: 370s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 30-11-2022 22:05
Static task
static1
Behavioral task behavioral1: Sample IG-152WP.iso, Resource win10v2004-20220812-en
Behavioral task behavioral2: Sample WP.vbs, Resource win10v2004-20220812-en
Behavioral task behavioral3: Sample header, Resource win10v2004-20220812-en
Behavioral task behavioral4: Sample metaphysic/alas.vbs, Resource win10v2004-20221111-en
Behavioral task behavioral5: Sample metaphysic/choked.txt, Resource win10v2004-20221111-en
Behavioral task behavioral6: Sample metaphysic/imprints.gif, Resource win10v2004-20220901-en
Behavioral task behavioral7: Sample metaphysic/prefaces.ps1, Resource win10v2004-20221111-en
Behavioral task behavioral8: Sample metaphysic/preyed.txt, Resource win10v2004-20220901-en
Behavioral task behavioral9: Sample metaphysic/readme.txt, Resource win10v2004-20221111-en
Behavioral task behavioral10: Sample metaphysic/simmers.jpg, Resource win10v2004-20220812-en
Behavioral task behavioral11: Sample metaphysic/typewrite.png, Resource win10v2004-20220812-en
General
Target: metaphysic/typewrite.png
Size: 43KB
MD5: 5522c9e8ef8d4a5a95bb1f3d676fdc5c
SHA1: ae12bd89d36e46d1e416931d064c7b8c0867250a
SHA256: 81a8fe3499c5cfc66c98b6d4935a8270eb824e1e58f60075846d49e1021c710a
SHA512: 911606b88218f78b53343eea80bdde91c945fb241cecaa6b5e4991206cf966f3d479e0c3cda93734b740286946d6fe0a82f45b76937c88fc8c17a20784f75913
SSDEEP: 768:t18g+tRun0DiF2ZCgX2VkNWTQHCj2qBjMTDGum2p7sc8Z/pcN7OOa48MZdX8encX:nQzICCD6NWdp4fYOBD8cDnYf
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.