Overview (overview): score 10
Static (static): score 10
CoreAudioApi.dll (windows10-1703-x64): score 1
Resources/...go.jpg (windows10-1703-x64): score 3
Resources/...SM.dll (windows10-1703-x64): score 1
Resources/...SL.exe (windows10-1703-x64): score 1
Resources/...ub.apk (windows10-1703-x64): score 3
Resources/...va.jar (windows10-1703-x64): score 1
Resources/...sS.exe (windows10-1703-x64): score 1
Resources/...in.exe (windows10-1703-x64): score 1
SpyNote_6.4.exe (windows10-1703-x64): score 10

Analysis
max time kernel: 51s
max time network: 147s
platform: windows10-1703_x64
resource: win10-20220812-en
resource tags: arch:x64 arch:x86 image:win10-20220812-en locale:en-us os:windows10-1703-x64 system
submitted: 12-01-2023 17:23

Behavioral task: behavioral1
Sample: CoreAudioApi.dll
Resource: win10-20220812-en

Behavioral task: behavioral2
Sample: Resources/Icons/Logo/Logo.jpg
Resource: win10-20220812-en

Behavioral task: behavioral3
Sample: Resources/Imports/Gsm/GSM.dll
Resource: win10-20220901-en

Behavioral task: behavioral4
Sample: Resources/Imports/Payload/SL.exe
Resource: win10-20220812-en

Behavioral task: behavioral5
Sample: Resources/Imports/Payload/stub.apk
Resource: win10-20220812-en

Behavioral task: behavioral6
Sample: Resources/Imports/PlayerJava/PlayerJava.jar
Resource: win10-20220812-en

Behavioral task: behavioral7
Sample: Resources/Imports/T/sS.exe
Resource: win10-20220901-en

Behavioral task: behavioral8
Sample: Resources/Imports/platform-tools/plwin.exe
Resource: win10-20220812-en

General
Target: Resources/Icons/Logo/Logo.jpg
Size: 26KB
MD5: c6099a79ca221e51398757b6164a8f17
SHA1: 77becc1c68fdd97550a8fb6162a86b03cef8344f
SHA256: 204b258904320951c7438e4360ef2b567a3505a397f912edffb30398e34f1ec9
SHA512: 27bf3575ea68314ae39ee5adca196d1b999c76869b929054ba86ac8d157b90eeedb340925339ebe84457b0f2597ec494d97cd8e5eae25c51dda095c8a28fa8fd
SSDEEP: 384:LJwDyOFAvYj7crXBurCP0tnnCIhgwrZ8tb/xibWXYsCCiRdfqJfDG4NS:LJwDFAvOYQkbSoRCNRkfPNS
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.