Overview

overview

7

Static

static

7

com.joojvp...om.zip

windows7-x64

1

com.joojvp...om.zip

windows10-2004-x64

1

com.joojvp...ll.txt

windows7-x64

1

com.joojvp...ll.txt

windows10-2004-x64

1

com.joojvp..._1.png

windows7-x64

3

com.joojvp..._1.png

windows10-2004-x64

3

com.joojvp...om.apk

android-9-x86

com.joojvp...om.apk

android-10-x64

com.joojvp...om.apk

android-11-x64

baseline.prof

windows7-x64

3

baseline.prof

windows10-2004-x64

3

baseline.profm

windows7-x64

3

baseline.profm

windows10-2004-x64

3

geoip.dat

windows7-x64

3

geoip.dat

windows10-2004-x64

3

geosite.dat

windows7-x64

3

geosite.dat

windows10-2004-x64

3

com.joojvp...-1.apk

android-9-x86

com.joojvp...-1.apk

android-9-x86

com.joojvp...-1.apk

android-10-x64

com.joojvp...-1.apk

android-11-x64

com.joojvp...-1.apk

android-9-x86

com.joojvp...-1.apk

android-10-x64

com.joojvp...-1.apk

android-11-x64

com.joojvp...-1.apk

android-9-x86

com.joojvp...-1.apk

android-10-x64

com.joojvp...-1.apk

android-11-x64

Resubmissions

07/08/2023, 05:07

230807-fr9dladf66 7

07/08/2023, 05:04

230807-fqc9rseh9v 7

07/08/2023, 05:01

230807-fnthzadf57 7

Analysis

  • max time kernel
    300s
  • max time network
    185s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/08/2023, 05:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    com.joojvpn.uj.io/How-to-install.txt

  • Size

    492B

  • MD5

    ecb350cce8b57cd45a7c68c48265cb55

  • SHA1

    73b4d9d82b3758ef5c509949886947dbb3cc078d

  • SHA256

    f10c1489f39c44bb9403fd03151088973dcb9c1326c5c13368f114460dad7fcd

  • SHA512

    69c64acd5a352da474d156bf2ba007b255c8b58c8cf4b2fd074d157a336bd6efb8dca6eeecd462ca8c49d3574ef7ebcd0cd1553a3b0da44061b0dff3fbaa4131

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\com.joojvpn.uj.io\How-to-install.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:4228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads