Analysis
-
max time kernel
51s -
max time network
147s -
platform
windows10-1703_x64 -
resource
win10-20220901-en -
resource tags
arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system -
submitted
07/02/2023, 19:31
Static task
static1
Behavioral task
behavioral1
Sample
REJ_1766.iso
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
REJ.lnk
Resource
win10-20220901-en
Behavioral task
behavioral3
Sample
oslo/nicks.txt
Resource
win10-20220812-en
Behavioral task
behavioral4
Sample
oslo/they.cmd
Resource
win10-20220812-en
Behavioral task
behavioral5
Sample
oslo/train.png
Resource
win10-20220901-en
General
-
Target
REJ.lnk
-
Size
1KB
-
MD5
dff9f62e74b0d466f9b3c73b081f7c12
-
SHA1
65e99474ae0f66e9bc343feea3c9609a9b7f9db8
-
SHA256
40d7bb7db3f3c01a06b627e413ec57b8cfaeb260213929a5d5cf5158fe628e04
-
SHA512
ce3dc51241fb2412cbcb4da14435e12f2a6769cceebaa4dc7e76df152dd5674ce555c9fd71edb6b52aba7b75bf8f3936c58fa1d09e2b210306bf8c8105cc94dc
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.