Overview

overview

10

Static

static

SCAN_WE228...80.lnk

windows10-2004-x64

10

SCAN_WE228...ce.dll

windows10-2004-x64

3

SCAN_WE228...es.cmd

windows10-2004-x64

10

SCAN_WE228...es.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    505s
  • max time network
    508s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-12-2022 14:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SCAN_WE2280/YouNewRules/Updates.txt

  • Size

    233KB

  • MD5

    d870cc0c74459d4bc099356a9732fac7

  • SHA1

    193d40488bac21749be25adbbea640d1dfb043e2

  • SHA256

    ceb2378fc315e19c299ee8e33b23340b19273d7b31470fc1cd433fd0825fc0a2

  • SHA512

    ca6646074b523cbb13883c91947292b3f01cb34922be907b91cb93f911402c29e20232395cb5f4ec82f677088756e16390999c75f8a3254584dc4e9087f7ab73

  • SSDEEP

    768:yOIvIo2rBIWV5IwueuNYIzIN0INAI1AIWAIMYIWI4dtAIEIAIKI+L9IILLIWV9IE:r

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\SCAN_WE2280\YouNewRules\Updates.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads