Overview

overview

10

Static

static

AFL27.iso

windows7-x64

3

AFL27.iso

windows10-2004-x64

3

AS.js

windows7-x64

10

AS.js

windows10-2004-x64

10

peseta/data.txt

windows7-x64

1

peseta/data.txt

windows10-2004-x64

1

peseta/flours.js

windows7-x64

3

peseta/flours.js

windows10-2004-x64

7

peseta/gratiae.ps1

windows7-x64

1

peseta/gratiae.ps1

windows10-2004-x64

1

peseta/opalescent.jpg

windows7-x64

3

peseta/opalescent.jpg

windows10-2004-x64

3

Analysis

  • max time kernel
    45s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    20-01-2023 21:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    peseta/data.txt

  • Size

    630KB

  • MD5

    58329a65cac27867d2777390f4eac0eb

  • SHA1

    a44b4f6d076498b6bf42dbf1a8a805f4570e7c04

  • SHA256

    9a6a43b0cdd989c911896933202401b848d2502db0219632f3aaa04a2e4687a4

  • SHA512

    8bde8e1c678a516abb67f4bfb6bc314477014123b4bab3e9c3d13e1e9e4e5dfd37e407b4c4c939b270234419f367d7a1e26a605770620312d1d0fe27ca5980b5

  • SSDEEP

    12288:Im1Mcw5EO6dHvDe0P3lx5EBto8BkfzNbuTyGrC6N2c2mcsAMznGBRA4cZDA:rMFEO6dHvDe0P335EXpUNSleQ2cYcGLx

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\peseta\data.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1016-54-0x000007FEFC2C1000-0x000007FEFC2C3000-memory.dmp
    Filesize

    8KB

    Download