e198a1cf6988b3e8bffa5dec0b28c891c5ef4116c71fbc94d9a68ed9e9b444eb

Submit
Reports

Overview

overview

Static

static

VirtualBox...on.exe

windows10-2004-x64

license.txt

windows10-2004-x64

readme_1013790.txt

windows10-2004-x64

zsys-maste...ig.yml

windows10-2004-x64

zsys-maste...s.yaml

windows10-2004-x64

zsys-maste...s.yaml

windows10-2004-x64

zsys-maste...y.yaml

windows10-2004-x64

zsys-maste...ignore

windows10-2004-x64

zsys-maste...ata.go

windows10-2004-x64

zsys-maste...ion.go

windows10-2004-x64

zsys-maste...mon.go

windows10-2004-x64

zsys-maste...est.go

windows10-2004-x64

zsys-maste...ysd.go

windows10-2004-x64

zsys-maste...ain.go

windows10-2004-x64

zsys-maste...est.go

windows10-2004-x64

zsys-maste...ATE.md

windows10-2004-x64

zsys-maste...ot.png

windows10-2004-x64

zsys-maste...ze.yml

windows10-2004-x64

zsys-maste...ld.yml

windows10-2004-x64

zsys-maste...at.yml

windows10-2004-x64

zsys-maste...sh.yml

windows10-2004-x64

zsys-maste...st.yml

windows10-2004-x64

zsys-maste...ignore

windows10-2004-x64

zsys-maste...ignore

windows10-2004-x64

zsys-maste...ignore

windows10-2004-x64

Resubmissions

23-01-2023 13:41

230123-qzjg9add79 10

27-12-2022 17:22

221227-vxl8ksfd97 10

27-12-2022 17:10

221227-vprhbsae8t 10

Analysis

max time kernel
81s
max time network
181s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
27-12-2022 17:22

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

VirtualBox 7.0-Download_Old_Builds - About - Documentation.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

23 signatures

600 seconds

Behavioral task

behavioral2

Sample

license.txt

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral3

Sample

readme_1013790.txt

Resource

win10v2004-20220901-en

windows10-2004-x64

2 signatures

600 seconds

Behavioral task

behavioral4

Sample

zsys-master/.github/ISSUE_TEMPLATE/config.yml

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral5

Sample

zsys-master/.github/workflows/auto-updates.yaml

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral6

Sample

zsys-master/.github/workflows/commands.yaml

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral7

Sample

zsys-master/.github/workflows/repo-quality.yaml

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral8

Sample

zsys-master/.gitignore

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral9

Sample

zsys-master/cmd/zsysd/client/userdata.go

Resource

win10v2004-20220901-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral10

Sample

zsys-master/cmd/zsysd/client/version.go

Resource

win10v2004-20221111-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral11

Sample

zsys-master/cmd/zsysd/cmdhandler/common.go

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral12

Sample

zsys-master/cmd/zsysd/cmdhandler/suggest.go

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral13

Sample

zsys-master/cmd/zsysd/daemon/zsysd.go

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral14

Sample

zsys-master/cmd/zsysd/main.go

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral15

Sample

zsys-master/internal/authorizer/internal_test.go

Resource

win10v2004-20220901-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral16

Sample

zsys-master/yaru_widgets.dart-main/.github/PULL_REQUEST_TEMPLATE.md

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral17

Sample

zsys-master/yaru_widgets.dart-main/.github/images/screenshot.png

Resource

win10v2004-20221111-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral18

Sample

zsys-master/yaru_widgets.dart-main/.github/workflows/analyze.yml

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral19

Sample

zsys-master/yaru_widgets.dart-main/.github/workflows/build.yml

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral20

Sample

zsys-master/yaru_widgets.dart-main/.github/workflows/format.yml

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral21

Sample

zsys-master/yaru_widgets.dart-main/.github/workflows/publish.yml

Resource

win10v2004-20220901-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral22

Sample

zsys-master/yaru_widgets.dart-main/.github/workflows/test.yml

Resource

win10v2004-20221111-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral23

Sample

zsys-master/yaru_widgets.dart-main/.gitignore

Resource

win10v2004-20220812-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral24

Sample

zsys-master/yaru_widgets.dart-main/example/.gitignore

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

600 seconds

Behavioral task

behavioral25

Sample

zsys-master/yaru_widgets.dart-main/example/linux/.gitignore

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

600 seconds

Report Analysis Logs

General

Target

license.txt
Size

36KB
MD5

52e1764b62b94fbf828eb70cf762291e
SHA1

a2c98b614f392d0d2ceb747c6c63b810b2973c26
SHA256

36bd9785c82651801b99f68935fd5a0ef5c157473fbf3eb3a2d6d2796d12c84f
SHA512

d4f45e73a5daf3d62de847fe646ba237c5a3fb0512451caa630613ae51fe007aad073a64b7ac6bb51e0f7c00952c1494d2c5ff9d19b64a38bedef7c504761fe7
SSDEEP

384:wT4AYkQkEKfZOWpS8F5+CpIddFGWJakAZ1kKK0qWp5EeevvF5oUgNfIddg9kd:wTjTQkEiZbjv6Yv1kKjfgvtHe0

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

832 NOTEPAD.EXE

pid	process
832	NOTEPAD.EXE

Processes

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\license.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:832

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads