Overview (overview): 10
Static (static): 3
50fa244bac...1c.zip (windows7-x64): 1
50fa244bac...1c.zip (windows10-2004-x64): 1
Invoices.lnk (windows7-x64): 8
Invoices.lnk (windows10-2004-x64): 7
Res/Settings.ini (windows7-x64): 1
Res/Settings.ini (windows10-2004-x64): 1
Res/TVPSkin.dll (windows7-x64): 3
Res/TVPSkin.dll (windows10-2004-x64): 3
Res/hskin.dll (windows7-x64): 1
Res/hskin.dll (windows10-2004-x64): 1
Res/tvp.exe (windows7-x64): 8
Res/tvp.exe (windows10-2004-x64): 10
Analysis
max time kernel: 28s
max time network: 32s
platform: windows7_x64
resource: win7-20230703-en
resource tags: arch:x64, arch:x86, image:win7-20230703-en, locale:en-us, os:windows7-x64, system
submitted: 10-07-2023 07:13
Static task
static1
Behavioral task
behavioral1
Sample
50fa244bace65606484686c0468c38c07cacf8d51dd4be774e231dc94b63371c.zip
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
50fa244bace65606484686c0468c38c07cacf8d51dd4be774e231dc94b63371c.zip
Resource
win10v2004-20230703-en
Behavioral task
behavioral3
Sample
Invoices.lnk
Resource
win7-20230703-en
Behavioral task
behavioral4
Sample
Invoices.lnk
Resource
win10v2004-20230703-en
Behavioral task
behavioral5
Sample
Res/Settings.ini
Resource
win7-20230703-en
Behavioral task
behavioral6
Sample
Res/Settings.ini
Resource
win10v2004-20230703-en
Behavioral task
behavioral7
Sample
Res/TVPSkin.dll
Resource
win7-20230703-en
Behavioral task
behavioral8
Sample
Res/TVPSkin.dll
Resource
win10v2004-20230703-en
Behavioral task
behavioral9
Sample
Res/hskin.dll
Resource
win7-20230703-en
Behavioral task
behavioral10
Sample
Res/hskin.dll
Resource
win10v2004-20230703-en
Behavioral task
behavioral11
Sample
Res/tvp.exe
Resource
win7-20230703-en
General
Target: Res/Settings.ini
Size: 1KB
MD5: cc9251badf7a32db553b5076df3b8198
SHA1: 194ab4fd9fb2212a9ee013735f87171f776ef488
SHA256: d53285d77084f640f45b05e96fa5329e55e0da11761c7b3d960bb73a9b11dbc6
SHA512: 4ada8e78a75db52f10546ecaccc91bc2f5d20b6f6b3c7612d194c5e926bc4db98e32019210fbba1137f55fca3133390b7ef5870f72f2fade5e07c1064d0ac38f
Malware Config
Signatures
Opens file in notepad (likely ransom note) (1 IoCs)
Processes: NOTEPAD.EXE
pid: 2388, process: NOTEPAD.EXE