d183a256700192ba485c441674789d0241a59688015119bf65d5cb2078e2cc13 | Triage

Analysis

max time kernel
25s
max time network
34s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
30-03-2023 14:06

Sharing

Report Analysis Logs

General

Target

ActiveCode.txt
Size

122KB
MD5

9567061462acc939155d6d7cab639ba4
SHA1

33bd5a218fbe7da8d53e6e8026ad8466109a2c85
SHA256

ba86e5f9bf39ddf9bbdcabfcdb8c7e28ec617781f4f6e3c820cc32ae4b27cdea
SHA512

d8ccd53d2c4a80bf55378fbf2c76ef6c06ee2e2cfa30e94f2538e626fb15a24c950a6a966717721fc31f21259db77a0b64b0600df4eaabae554a3469debc2fb2
SSDEEP

24:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaan:e

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

1200 NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\ActiveCode.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:1200

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...