Overview

overview

3

Static

static

1

Greenshot.exe

windows7-x64

1

Greenshot.exe

windows10-2004-x64

1

Greenshot.exe.xml

windows7-x64

1

Greenshot.exe.xml

windows10-2004-x64

1

Greenshot.ini

windows7-x64

1

Greenshot.ini

windows10-2004-x64

1

GreenshotPlugin.dll

windows7-x64

1

GreenshotPlugin.dll

windows10-2004-x64

1

LinqBridge.dll

windows7-x64

1

LinqBridge.dll

windows10-2004-x64

1

Plugins/Gr...in.dll

windows7-x64

1

Plugins/Gr...in.dll

windows10-2004-x64

1

checksum.md5

windows7-x64

3

checksum.md5

windows10-2004-x64

3

log4net.dll

windows7-x64

1

log4net.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    27s
  • max time network
    30s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    12/03/2023, 03:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Greenshot.ini

  • Size

    11KB

  • MD5

    c1bf33d9a63b15d7c5e574fc427fc4b8

  • SHA1

    9fd46d189adc1ff707c42e1d44d1e074bf619b94

  • SHA256

    c731a8367b2813e440a2006512874bce60eec0f98d5ca006669f41489f1cfc26

  • SHA512

    2d9758e64633c7e1d01640f8accdb5dd003d58ca6c72f6b0747f4f83cdcfd4d6de776423d25ff7b53dd55da2a5acb754a549b7060c6d44b57b698c1a5fe537f8

  • SSDEEP

    192:nBLDNxtSZhn36p84NxLUl4w6IbAYnsOIOeruHs940tt3jcEs6tuLF:nBLxxUZV36p84NxLUl4XCnsaKx9RvjfE

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Greenshot.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads