3797d33045461d3f38719dc5a2c226a8163dc06ac0b75c2a93c54ab91f0efb5b | Triage

Analysis

max time kernel
361s
max time network
432s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
15-04-2023 12:36

Sharing

Report Analysis Logs

General

Target

res/Config/Pass.inf
Size

24B
MD5

e1b54e517318b3b3363551e926b9e474
SHA1

cdd2df4411afed1c9e44997dc9ebf85728eafcca
SHA256

dab8688b4d139db5ba57783791efbce34e9e46c37a2c506685cbc6d18e68073e
SHA512

edcdd405bf3d57cd524151e9f41670cb7c3bf693e59254c8a034c30a8457b936d507fa434d38e733819a11cf3afc6858d909fbe73bf091f3c96526cf99138728

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

3640 NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\res\Config\Pass.inf
1⤵
- Opens file in notepad (likely ransom note)
PID:3640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...