0f71c6bbe9353075c70df8fa35b8ae16ba04c87d2f40b4a53d97481afc30b1f1

Resubmissions

09/05/2023, 17:51 UTC

09/05/2023, 17:46 UTC

08/05/2023, 22:53 UTC

max time kernel
306s
max time network
317s
platform
windows10-1703_x64
resource
win10-20230220-en
resource tags

arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
submitted
09/05/2023, 17:51 UTC

Target

changelog.txt
Size

14KB
MD5

ab1301006a7bd5af1d8130ce4d526dc2
SHA1

342216089bcba24dac93872ea1f562ab57448af4
SHA256

eace59dead399fda4da8f560e5ee4d16dc2f62cea03857d2e8a59d9ce66dc57d
SHA512

6bc1f99cdc9c60e272e1cace376276bd3d4fefc90f9146106af158469d37c7f0c93ff0422dcc270b93f060b7735fe0860a7f3a056476e1b7ecf8a08e0407349c
SSDEEP

384:9ZlB/1lPqBvGGRSJPrkWSYdRmRJfcg1Eq1Gov0qixeUqJveZTKaCimh9GnT+B7UZ:9ZlB/1lPqBvGGRSJzkWSYdRmRJfcsEq8

Score

1^/10

Opens file in notepad (likely ransom note) 1 IoCs

pid	Process
2244	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\changelog.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:2244