Overview

overview

7

Static

static

3

Twister_ICEFUN.zip

windows7-x64

1

Twister_ICEFUN.zip

windows10-2004-x64

1

Autorun.exe

windows7-x64

7

Autorun.exe

windows10-2004-x64

7

Autorun.inf

windows7-x64

1

Autorun.inf

windows10-2004-x64

1

ctimne.txt

windows7-x64

1

ctimne.txt

windows10-2004-x64

1

swf/flashp...sa.exe

windows7-x64

1

swf/flashp...sa.exe

windows10-2004-x64

1

swf/game.dat

windows7-x64

3

swf/game.dat

windows10-2004-x64

3

swf/plosinovka.swf

windows7-x64

3

swf/plosinovka.swf

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/05/2023, 12:44

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ctimne.txt

  • Size

    417B

  • MD5

    16d3d6339369126a86ff992b43997c95

  • SHA1

    3b0d02b805c8f541741c0b7ba2a0c803c768f573

  • SHA256

    b4310b687d6ea45e45876293f8018250c2226b3faa098762ca226550e18f2ea0

  • SHA512

    fe553e5c1d188c5d2c0531ff9a4e26bddcc80ddf462ddce339c2221c30763b16f679dede2b93081076257ea90519c67586cb9542a74a81fba95066df223c8533

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\ctimne.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2492

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads