Overview

overview

3

Static

static

3

MUI/0409/moviemk.chm

windows7-x64

1

moviemk.exe

windows7-x64

1

sample.asf

windows7-x64

1

shared/empty.txt

windows7-x64

1

shared/filters.xml

windows7-x64

1

shared/news.png

windows7-x64

3

shared/paint.png

windows7-x64

3

shared/pro...nk.txt

windows7-x64

1

shared/sample1.jpg

windows7-x64

3

shared/sample2.jpg

windows7-x64

3

wmm2ae.dll

windows7-x64

1

wmm2eres.dll

windows7-x64

1

wmm2ext.dll

windows7-x64

1

wmm2filt.dll

windows7-x64

1

wmm2fxa.dll

windows7-x64

1

wmm2fxb.dll

windows7-x64

1

wmm2res.dll

windows7-x64

1

wmm2res2.dll

windows7-x64

1

wmmfilt.dll

windows7-x64

1

wmmres.dll

windows7-x64

1

wmmutil.dll

windows7-x64

3

Analysis

  • max time kernel
    1559s
  • max time network
    1563s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    21/08/2023, 22:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    shared/empty.txt

  • Size

    18B

  • MD5

    04a3cca452ce08ffac8b8cb7731099b8

  • SHA1

    cfb079acb8d14d92988886d20613a0992d13f389

  • SHA256

    b2a2ab4cbdf882d449bce3b979a22e7396bffa2bb8c75b9006d270bd2a5dc1a4

  • SHA512

    cb25696cf5f001fe75526b6810a94e04a4b6a7911e724657824b6c9bde868d759acc29404d6878a669c6dd11bc2f3a9166bca0221f39eb6e64636eb4f8fceebe

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\shared\empty.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads