5ec214ec9d1e2792eb71199f0e48a103cb721986348f7f1b6055eda38ff2d625 | Triage

Analysis

max time kernel
118s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
16-02-2024 20:12

Sharing

Report Analysis Logs

General

Target

6.txt
Size

9.5MB
MD5

e2c2c99742a3c8375c0b4fd844644818
SHA1

a65f89d956bc695960a0605f45d2f517160cc18f
SHA256

ff4a7910f92be56a6fd70fcde4bb915d4f177719987a55e9373f4b873b3e864a
SHA512

f3e0cfdaf3845f3a10ed707fa5aef7f29656bcc9cceecd35cdf3c1855f2910f140a979599c8ee2df877db1a8183c4f5d3420ee265097899df8c2c9d36b0ec53b
SSDEEP

196608:5vKr9i9zg0bJKDkbxqNCzRG93xAJhYoKC0pzhGdrMp5sPiBSDFp6T1s:Uhiy0IQbx+Sw90YobIzwruS6+

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs
ransomware

Processes:

NOTEPAD.EXE

pid process

1192 NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\6.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:1192

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...