f5b28e2a6433db8956e9060e1e1299a7f37f8e229cf3629d75537f38d45b2208 | Triage

Analysis

max time kernel
156s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
04-05-2023 11:50

Sharing

Report Analysis Logs

General

Target

nsm_vpro.ini
Size

46B
MD5

3be27483fdcdbf9ebae93234785235e3
SHA1

360b61fe19cdc1afb2b34d8c25d8b88a4c843a82
SHA256

4bfa4c00414660ba44bddde5216a7f28aeccaa9e2d42df4bbff66db57c60522b
SHA512

edbe8cf1cbc5fed80fedf963ade44e08052b19c064e8bca66fa0fe1b332141fbe175b8b727f8f56978d1584baaf27d331947c0b3593aaff5632756199dc470e5

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

3336 NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\nsm_vpro.ini
1⤵
- Opens file in notepad (likely ransom note)
PID:3336

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...