6413b835503a6c77f347a262f0ce18de15ea59608658aa8c2e51a3433ffe1624 | Triage

Resubmissions

15/01/2023, 00:36 UTC

230115-aybg9abe6s 8

15/01/2023, 00:11 UTC

230115-agp93sfe58 8

15/01/2023, 00:06 UTC

230115-ad4y3abc3t 8

Analysis

max time kernel
30s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
15/01/2023, 00:06 UTC

Sharing

Report Analysis Logs

General

Target

interium/settings/Golybou_SemiRage/misc.ini
Size

1KB
MD5

0692a9aee49c11cf21ed641312bfa070
SHA1

a1721a93c333df0c47bb041d24d4f02825f2cb0f
SHA256

871c9aeed27cee61c2c9797ca6e186eb975678c996688d02036e5c283e921d2d
SHA512

dec22fb8605357da57973915d0247fb4653192935fa69910488efa8910eba146ef8f0e281abba01fabd504f11500f8ca0f15ca219a12339af32e9cdf7e6311e1

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs

pid	Process
1708	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\interium\settings\Golybou_SemiRage\misc.ini
1⤵
- Opens file in notepad (likely ransom note)
PID:1708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1708-54-0x000007FEFC421000-0x000007FEFC423000-memory.dmp

Filesize
8KB

Download