Overview

overview

3

Static

static

1

Minecraft 64 Bits.rar

windows7-x64

3

Minecraft 64 Bits.rar

windows10-2004-x64

3

Borrador/L...ic.lng

windows7-x64

3

Borrador/L...ic.lng

windows10-2004-x64

3

Borrador/L...mp.lng

windows7-x64

3

Borrador/L...mp.lng

windows10-2004-x64

3

Borrador/L...ad.lng

windows7-x64

3

Borrador/L...ad.lng

windows10-2004-x64

3

Borrador/L...ch.lng

windows7-x64

3

Borrador/L...ch.lng

windows10-2004-x64

3

Borrador/L...sh.lng

windows7-x64

3

Borrador/L...sh.lng

windows10-2004-x64

3

Borrador/L...ch.lng

windows7-x64

3

Borrador/L...ch.lng

windows10-2004-x64

3

Borrador/L...sh.lng

windows7-x64

3

Borrador/L...sh.lng

windows10-2004-x64

3

Borrador/L...sh.lng

windows7-x64

3

Borrador/L...sh.lng

windows10-2004-x64

3

Borrador/L...an.lng

windows7-x64

3

Borrador/L...an.lng

windows10-2004-x64

3

Borrador/L...an.lng

windows7-x64

3

Borrador/L...an.lng

windows10-2004-x64

3

Borrador/L...an.lng

windows7-x64

3

Borrador/L...an.lng

windows10-2004-x64

3

Borrador/L...se.lng

windows7-x64

3

Borrador/L...se.lng

windows10-2004-x64

3

Borrador/L...sh.lng

windows7-x64

3

Borrador/L...sh.lng

windows10-2004-x64

3

Borrador/L...an.lng

windows7-x64

3

Borrador/L...an.lng

windows10-2004-x64

3

Borrador/L...sh.lng

windows7-x64

3

Borrador/L...sh.lng

windows10-2004-x64

3

Analysis

  • max time kernel
    151s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-02-2023 22:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Borrador/Language/Russian.lng

  • Size

    7KB

  • MD5

    f3601cd1c2fecc1b7190cbd724ced684

  • SHA1

    8cf1e731050aee6afcbba0f32c81ed7578f0f41e

  • SHA256

    84bfadabf7893eec7123b5f1ca41394d3a69d237b5f355f3f2ce29f1854888d8

  • SHA512

    06e7c202036d5403e9da27884d04d216bd6b1b92b8d8b0a1caf105722d4668c2727be91fa5c8cacdf91aa838ec7408d5c0354476945e2736ce3437a360b7dd0e

  • SSDEEP

    96:rRuK6ylCauTV1LM9tgAT/4TT7wTJMTAoY4Jp5Ty9w6g0hTqBTrDozW7DMXSUB9yN:duJywauTV1w9XTyTUTmT4CQkTtD2Hy73

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Borrador\Language\Russian.lng
    1⤵
    • Modifies registry class
    PID:4204
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1108

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads