Analysis

  • max time kernel
    145s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07/02/2023, 19:31

General

  • Target

    oslo/nicks.txt

  • Size

    106KB

  • MD5

    01f6be81b1ca32ea511f7d75e28afc49

  • SHA1

    b71034ac936a1aebd4e8a8247db32eb9d57907f2

  • SHA256

    d61ef69b088b63b6defbff829c5525b4e6dce6b1ad6d8c69a79bcd75252f4114

  • SHA512

    6b8ad00c8be146dc7d065ea1f5e492c2ec5a41294f900f374e3aa00e5103dc2e9b5d986c62998ec14c879a64dc51823188e00a32c51d400da0ac1d9cbe83b741

  • SSDEEP

    3072:hj/tQG1ZO6jMj/t/DTUjvDXj1ZO41ZO0fTgS9w/MZOLwj:9OkgRDTYDXRR7fTgS9wEewj

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\oslo\nicks.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:3728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads