Analysis
-
max time kernel
145s -
max time network
147s -
platform
windows10-1703_x64 -
resource
win10-20220812-en -
resource tags
arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system -
submitted
07/02/2023, 19:31
Static task
static1
Behavioral task
behavioral1
Sample
REJ_1766.iso
Resource
win10-20220812-en
Behavioral task
behavioral2
Sample
REJ.lnk
Resource
win10-20220901-en
Behavioral task
behavioral3
Sample
oslo/nicks.txt
Resource
win10-20220812-en
Behavioral task
behavioral4
Sample
oslo/they.cmd
Resource
win10-20220812-en
Behavioral task
behavioral5
Sample
oslo/train.png
Resource
win10-20220901-en
General
-
Target
oslo/nicks.txt
-
Size
106KB
-
MD5
01f6be81b1ca32ea511f7d75e28afc49
-
SHA1
b71034ac936a1aebd4e8a8247db32eb9d57907f2
-
SHA256
d61ef69b088b63b6defbff829c5525b4e6dce6b1ad6d8c69a79bcd75252f4114
-
SHA512
6b8ad00c8be146dc7d065ea1f5e492c2ec5a41294f900f374e3aa00e5103dc2e9b5d986c62998ec14c879a64dc51823188e00a32c51d400da0ac1d9cbe83b741
-
SSDEEP
3072:hj/tQG1ZO6jMj/t/DTUjvDXj1ZO41ZO0fTgS9w/MZOLwj:9OkgRDTYDXRR7fTgS9wEewj
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 3728 NOTEPAD.EXE