Overview

overview

10

Static

static

TS-795WP.iso

windows7-x64

3

TS-795WP.iso

windows10-2004-x64

3

WP.vbs

windows7-x64

10

WP.vbs

windows10-2004-x64

10

header

windows7-x64

1

header

windows10-2004-x64

1

metaphysic/choked.txt

windows7-x64

1

metaphysic/choked.txt

windows10-2004-x64

1

metaphysic...ts.gif

windows7-x64

1

metaphysic...ts.gif

windows10-2004-x64

1

metaphysic...ly.ps1

windows7-x64

1

metaphysic...ly.ps1

windows10-2004-x64

1

metaphysic/preyed.txt

windows7-x64

1

metaphysic/preyed.txt

windows10-2004-x64

1

metaphysic...es.vbs

windows7-x64

3

metaphysic...es.vbs

windows10-2004-x64

7

metaphysic/readme.txt

windows7-x64

1

metaphysic/readme.txt

windows10-2004-x64

1

metaphysic...rs.jpg

windows7-x64

3

metaphysic...rs.jpg

windows10-2004-x64

3

metaphysic...te.png

windows7-x64

3

metaphysic...te.png

windows10-2004-x64

3

Analysis

  • max time kernel
    33s
  • max time network
    43s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    30-11-2022 18:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    metaphysic/readme.txt

  • Size

    770KB

  • MD5

    93d5daab5e26df8198ff4267ca26b90f

  • SHA1

    5c31652ed43dd5ef473294b2740784bf0f26b1dc

  • SHA256

    4f496c506719e69d9f52970fa599c0e04935e7c653f23eae6e61e8f39e2badf6

  • SHA512

    f7c55eb29e9c82762c067ecbf7f8c21252f205acd32dca01b45fad801eae3a10d09ff72ed3474fe7e6c29eb0cc5da363d0828677199a40f493981c6b60812abe

  • SSDEEP

    24576:+0RV9Z0OEdMdWz52kqAaBJP8fnLJ518VCqoI2yO:3uDHh

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\metaphysic\readme.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2000-54-0x000007FEFB761000-0x000007FEFB763000-memory.dmp
    Filesize

    8KB

    Download