Overview
overview
10Static
static
RRCG61.zip
windows10-1703-x64
1RRCG61.vhd
windows10-1703-x64
3RR.lnk
windows10-1703-x64
10System Vol...gs.dat
windows10-1703-x64
3unutterabl...ns.cmd
windows10-1703-x64
1unutterabl...ed.cmd
windows10-1703-x64
1unutterabl...le.txt
windows10-1703-x64
1unutterably/swam.dll
windows10-1703-x64
10Analysis
-
max time kernel
140s -
max time network
143s -
platform
windows10-1703_x64 -
resource
win10-20220812-en -
resource tags
arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system -
submitted
08-12-2022 16:20
Static task
static1
Behavioral task
behavioral1
Sample
RRCG61.zip
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
RRCG61.vhd
Resource
win10-20220812-en
Behavioral task
behavioral3
Sample
RR.lnk
Resource
win10-20220901-en
Behavioral task
behavioral4
Sample
System Volume Information/WPSettings.dat
Resource
win10-20220812-en
Behavioral task
behavioral5
Sample
unutterably/felons.cmd
Resource
win10-20220812-en
Behavioral task
behavioral6
Sample
unutterably/offered.cmd
Resource
win10-20220812-en
Behavioral task
behavioral7
Sample
unutterably/satiable.txt
Resource
win10-20220812-en
General
-
Target
unutterably/satiable.txt
-
Size
271KB
-
MD5
22fc32b30495260a3b27671998255bff
-
SHA1
a2ca307ef89e6531ef8accbdbb681c1ff140e7fb
-
SHA256
7053377af4a72e098365da4d4dc0e288456b7e54d3784d0e30b59ec05a8f18c7
-
SHA512
bda5312cf0a035ab15cd76c6628a9ca2d27e6e56103a06923f2756ff36e9be3385a8daa1e349d04ebfaf5b8f3ac8a863eb0ec10c37b7258ef8144c239d69b495
-
SSDEEP
6144:eOYyyONHH/MOKMHHH6GOcoHgHHHHDW20EeSnwaBGxwJ3wBS6OlH0HsO+HVOFHHHr:eOMONHHkOKMHHHdOcoHgHHHHPwuEwJ3A
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 2620 NOTEPAD.EXE