Overview

overview

10

Static

static

IG-152WP.iso

windows10-2004-x64

3

WP.vbs

windows10-2004-x64

10

header

windows10-2004-x64

1

metaphysic/alas.vbs

windows10-2004-x64

7

metaphysic/choked.txt

windows10-2004-x64

1

metaphysic...ts.gif

windows10-2004-x64

1

metaphysic...es.ps1

windows10-2004-x64

1

metaphysic/preyed.txt

windows10-2004-x64

1

metaphysic/readme.txt

windows10-2004-x64

1

metaphysic...rs.jpg

windows10-2004-x64

3

metaphysic...te.png

windows10-2004-x64

3

Analysis

  • max time kernel
    604s
  • max time network
    815s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-11-2022 22:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    metaphysic/readme.txt

  • Size

    770KB

  • MD5

    07600e1dd044b75a84857b90d246aee7

  • SHA1

    0ea797440370f349b1137586ddbe1d071ff8f48a

  • SHA256

    b63f23a6a846f11810d2750b949fa746c94a3d199f13cc627f7675f1a2be4c71

  • SHA512

    c01f8e1c6567e2e709592400e54164d92a8f4c08886f0b21bfafd1d8e17eba9bcb06b3158044933ba345668b784d9dcea5388ed8d6868924f971d7f2da3dfc8f

  • SSDEEP

    24576:+0RV9Z0OEdMdEz52kqAaBJP8fnLJ518VCqoI2yO:1uDHh

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\metaphysic\readme.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:3408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads