3797d33045461d3f38719dc5a2c226a8163dc06ac0b75c2a93c54ab91f0efb5b | Triage

Analysis

max time kernel
382s
max time network
445s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
15-04-2023 12:36

Sharing

Report Analysis Logs

General

Target

res/Config/supported_text.inf
Size

480B
MD5

1a23ff3ea049ae2fc2d9ebf365201397
SHA1

f93bb32cf3c8183cac905918eee3ed9524217faa
SHA256

0ca63247fe912564f2aa651e2bd260ed28f32dda101e269c79cdf6ea2535b57a
SHA512

5172c3007fd4b013219d4e4ac5039b6139841db525cd3498b6b6f8af65d5f0a846a229d8cf6ae2c0fa58495340a955da22c974daeba4d548e35a86abc746789d

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

4080 NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\res\Config\supported_text.inf
1⤵
- Opens file in notepad (likely ransom note)
PID:4080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...