Overview
overview
8Static
static
1Pass_55555_Setup.rar
windows10-1703-x64
3Installer-x64bit.exe
windows10-1703-x64
8Qt5Gui.dll
windows10-1703-x64
1avcodec-58.dll
windows10-1703-x64
1avformat-58.dll
windows10-1703-x64
1license.txt
windows10-1703-x64
1plugins/im...if.dll
windows10-1703-x64
1plugins/im...co.dll
windows10-1703-x64
1plugins/im...eg.dll
windows10-1703-x64
1plugins/me...ne.dll
windows10-1703-x64
1plugins/me...ne.dll
windows10-1703-x64
1plugins/pl...ws.dll
windows10-1703-x64
1plugins/st...le.dll
windows10-1703-x64
1scripting/citra.py
windows10-1703-x64
3Resubmissions
27-02-2023 04:37
230227-e83rpsbf3s 827-02-2023 04:25
230227-e2b1eabe9v 327-02-2023 04:20
230227-ex6n8abg69 827-02-2023 04:14
230227-ets9qabe8t 412-02-2023 12:22
230212-pkc69adh37 8Analysis
-
max time kernel
43s -
max time network
55s -
platform
windows10-1703_x64 -
resource
win10-20230220-en -
resource tags
arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system -
submitted
27-02-2023 04:20
Static task
static1
Behavioral task
behavioral1
Sample
Pass_55555_Setup.rar
Resource
win10-20230220-en
Behavioral task
behavioral2
Sample
Installer-x64bit.exe
Resource
win10-20230220-en
Behavioral task
behavioral3
Sample
Qt5Gui.dll
Resource
win10-20230220-en
Behavioral task
behavioral4
Sample
avcodec-58.dll
Resource
win10-20230220-en
Behavioral task
behavioral5
Sample
avformat-58.dll
Resource
win10-20230220-en
Behavioral task
behavioral6
Sample
license.txt
Resource
win10-20230220-en
Behavioral task
behavioral7
Sample
plugins/imageformats/qgif.dll
Resource
win10-20230220-en
Behavioral task
behavioral8
Sample
plugins/imageformats/qico.dll
Resource
win10-20230220-en
Behavioral task
behavioral9
Sample
plugins/imageformats/qjpeg.dll
Resource
win10-20230220-en
Behavioral task
behavioral10
Sample
plugins/mediaservice/dsengine.dll
Resource
win10-20230220-en
Behavioral task
behavioral11
Sample
plugins/mediaservice/wmfengine.dll
Resource
win10-20230220-en
Behavioral task
behavioral12
Sample
plugins/platforms/qwindows.dll
Resource
win10-20230220-en
Behavioral task
behavioral13
Sample
plugins/styles/qwindowsvistastyle.dll
Resource
win10-20230220-en
Behavioral task
behavioral14
Sample
scripting/citra.py
Resource
win10-20230220-en
General
-
Target
license.txt
-
Size
19KB
-
MD5
90df4d454db203057f5860b62f8771e3
-
SHA1
dc038d536a218fbecb83c6ad28990e9b8e655699
-
SHA256
8bd137ca8047a040d6d7e96b68910bc3b78b9b223c13420113f92c0e0fd39452
-
SHA512
f498a5987530cf8595c34450df616bfb890a566e4faa4f4bbe6669ef49c8bc0864533ab376661ebfc8857c7b86851d9c489388e60f9da48bce5dd39a0db19223
-
SSDEEP
384:Thj2PmwERb6k/iAVX/dUY2ZpEGMOZ77o0UDqHnfBVRbVXSIavl6J:Th6un1iYWrTXo0UDqHmy
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 400 NOTEPAD.EXE