Resubmissions

13/07/2023, 15:36

230713-s14wpahc48 6

13/07/2023, 15:31

230713-sydlqahc39 6

13/07/2023, 15:28

230713-swrqkaab3t 6

13/07/2023, 15:25

230713-st4mcahc26 1

Analysis

  • max time kernel
    84s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/07/2023, 15:31

General

  • Target

    stuff.txt

  • Size

    591B

  • MD5

    251629b620842fa76e1ad97e41ac5534

  • SHA1

    2a2e86dd0e80ffe3b2ad8354826f01c46d618a72

  • SHA256

    3e59c1bafdcead2b1dec620c3ed169b60af30fc406c136fa2dbf4f09df6cbe14

  • SHA512

    ce7f6a21a8da8156ebd875e2c70f67c508ba56237d1434bb063baeabd8abc9e12a9cb1f8e661fff3e94b655b61ccb59d000c689378b405980ed3aa916e717115

Score
6/10

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Opens file in notepad (likely ransom note) 1 IoCs

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\stuff.txt
    • Opens file in notepad (likely ransom note)
    PID:1712
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1204 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:2
    PID:2524
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1548 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:2188
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:2800
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=2292 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:1
    PID:3068
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --mojo-platform-channel-handle=2264 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:1
    PID:3020
  • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
    PID:2880
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1488 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:2
    PID:552
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3204 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:3040
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --mojo-platform-channel-handle=3332 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:1
    PID:1692
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3560 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:1920
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3676 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:2568
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3792 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:2624
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --mojo-platform-channel-handle=3544 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:1
    PID:2376
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3636 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:1152
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4072 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:560
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --mojo-platform-channel-handle=4136 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:1
    PID:1696
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=1168 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:1
    PID:1416
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=3880 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:1
    PID:2112
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2748 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:1920
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --mojo-platform-channel-handle=3528 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:1
    PID:1408
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=844 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:2088
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4216 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:1572
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2768 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:2928
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1708 --field-trial-handle=1220,i,12378508675180031189,14756747677473685432,131072 /prefetch:8
    PID:1224

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
    Filesize
    2KB
    MD5
    641a4c0e531c514bc7dac3ddb5e7ff48
    SHA1
    dd125523d007d9a8ab97ed3479777f4bc44f5844
    SHA256
    da306071c688209f65fbe88a817ab11a4b5838881c273c6981adfc2eaec80d61
    SHA512
    e8eae6defc391a603443d95938c528a07ee7c929b51ba283e1e3ddeada9439b138624e365f86c910db47b3499b2e638755be9a4a35c113b232dc7bd3c4acace5
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize
    1KB
    MD5
    08d502aa40006b44d55554b97d0b2b4a
    SHA1
    0bdc68afd2f11147a5bc8213fa272130ca8772f0
    SHA256
    0be099fb7b3728e5c656c2d7d3f518e1ee7eb959b0bd35923930e3a4745f439b
    SHA512
    928c4b31b9152e582c24be7a5ea618ebad7e6a7587f8fdd1c84beb3e249656a14b15632e719db4ae0c22770cfcb399fe1bf7506d7828ed85dc56752600c3fe7e
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize
    1KB
    MD5
    9358de9a646820ddd27f124ba459b3ae
    SHA1
    f1e2b2bd95d60e8f5cd7a5023a1c17aa1c333119
    SHA256
    dd2d702e78d666e32c274e5caa0b2176386569beead42048e328104a2c0c7585
    SHA512
    e94c46cd50ad5e3281d261cfe1f11e1b9548b73454a8e76ec8a9846e90b64bad7708da98d3b0cbdc7315b74ba1555165119ddf41371e7420c0ce434da5b38162
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize
    1KB
    MD5
    80ff737e4b955991c60ff55068a9d111
    SHA1
    d773003de08e2dc7b511b648acb4b6cd798b6c43
    SHA256
    beee51e32f453176da934e5b6af4ffb9c00806929ebfa65aea9c9818d1add2fc
    SHA512
    b0f1a821806534fdf589a66ff00104015beeb015521a076981af4a3baa47ce0f3a857befd2579c95f08eb564a501bbed40bbff676bd76be32eaaa477cfcf59db
  • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
    Filesize
    527B
    MD5
    44b2dde810dc744558f60d8a837f52df
    SHA1
    3dda2491d27851f2db7161da83c394fb1a60f53a
    SHA256
    494e0794727aa4fd8ced2774a135924ab447de4b306cb04c62db7dd8c613ccf0
    SHA512
    cd8690b031dd541b8b71d59a3336ee4b14a4ef67701ca4935ef2a2af50ae0a46f2c22f825c6d1d9456fa72bb65bba9c0c970c7309a89376fe7ef2364e52c9c8a