Analysis
-
max time kernel
31s -
max time network
33s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system -
submitted
05-05-2023 01:46
Static task
static1
Behavioral task
behavioral1
Sample
a.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
a.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
s.txt
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
s.txt
Resource
win10v2004-20230220-en
General
-
Target
s.txt
-
Size
285KB
-
MD5
adc66e72450361ce494c2d3380670ff9
-
SHA1
467484750d09ec66fc17686b10deb57bfa23a423
-
SHA256
113a87ec1be61059a3b13f9ccb43ea18d5ca644949ad8f6d6d5e4056aa33cebc
-
SHA512
309a98e95471f4159cd7a4cf7714c72eba3b8dda48bdac7aaf19d2ccf0efc2945e90daf430c6f007573e074408dafc7e07b00929fba6b073ca7480b69b3fff95
-
SSDEEP
6144:arXHD4stFNh097hUwg9/1MHwgxxNg7p89bLY9YocTckbd7oY+3gLC4rbyyt9/N/F:arXHdNh097hUwg9/1MHwgxxNg7p89bL9
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 1296 NOTEPAD.EXE