Analysis
max time kernel: 48s
max time network: 62s
platform: windows10-1703_x64
resource: win10-20220812-en
resource tags: arch:x64 arch:x86 image:win10-20220812-en locale:en-us os:windows10-1703-x64 system
submitted: 07-01-2023 08:59
Behavioral task
behavioral1
Sample
Resource.bin
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
Run.vbs
Resource
win10-20220812-en
Behavioral task
behavioral3
Sample
WindowsService.exe
Resource
win10-20220901-en
Behavioral task
behavioral4
Sample
import.reg
Resource
win10-20220812-en
Behavioral task
behavioral5
Sample
md5.txt
Resource
win10-20220812-en
Behavioral task
behavioral6
Sample
updatebackend.log
Resource
win10-20220812-en
General
Target: updatebackend.log
Size: 4B
MD5: 5a01f0597ac4bdf35c24846734ee9a76
SHA1: a385d9e8d3b9d07483e610819de992510883b36b
SHA256: b33ed571eded536f0f0bc2be4e4384055acd592fe6652a555320fdca4dbeb175
SHA512: 42caf8b73b98f8cb1d9bfbf477b468414bc0fe9160d4e5151076ffe284b78d10227cac7b4f435a29f79768358a74406960e62a90222a0258b4a4662f2efa4008
Malware Config
Signatures
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXE
pid process
2340 NOTEPAD.EXE