Analysis

  • max time kernel
    165s
  • max time network
    203s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags
    arch:x64 arch:x86 image:win10v2004-20230915-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13-10-2023 19:53

General

  • Target

    README.txt

  • Size

    242B

  • MD5

    8faf6a1f3d665ff7ab56c738bdf38cbe

  • SHA1

    4e89452ad6d6af46ab9b94b19e8e2586e0305a41

  • SHA256

    8a3a30725dace1324cb29ef63a8cfb4246475dabc6b8e1d33e9741eab10fd284

  • SHA512

    a31e0e63a11a115923fd555e6f4f469f15e5967b1892eb1c15b5a66b33298f8f8e504dfcbcd505b0cd1c208e08ec18f36bd76f04a27ecb0fd424d6293ac711aa

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\README.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:3960
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4076
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ffafe9346f8,0x7ffafe934708,0x7ffafe934718
      2⤵
        PID:5092

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

    Filesize

    152B

    MD5

    1222f8c867acd00b1fc43a44dacce158

    SHA1

    586ba251caf62b5012a03db9ba3a70890fc5af01

    SHA256

    1e451cb9ffe74fbd34091a1b8d0ab2158497c19047b3416d89e55f498aae264a

    SHA512

    ef3f2fc1cedfc28fb530c710219b8e9eb833a2f344b91d3ffb2d82d7bbedbc223f4b60a38bea35b72eb706e4880ffcbb9256a9768f39bae95c5544be0f503916