Resubmissions

23-02-2024 11:52

240223-n18gnafd9v 10

23-02-2024 08:58

240223-kxe46aea3y 10

Analysis

  • max time kernel
    122s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23-02-2024 11:52

General

  • Target

    Resource/TypeSupport/Unicode/Mappings/win/CP1253.txt

  • Size

    8KB

  • MD5

    6b77baac03038b028948d2a667efdaa1

  • SHA1

    6afbc63ab3a2b0bf10cbe802f7633da3e3198417

  • SHA256

    2d36bec3e1ecbf2b6de8a37c98717ae21ca8c5bc0b487556996b3fff2b6f6fd9

  • SHA512

    d7541266b100ac879be8139108344121b10390350b93d26c6f5c5279c18503d7b6829332281a892369de4d578090987d1310201262c181addbc3b9d9495bd209

  • SSDEEP

    192:Nz9Vb+Mu1eIqY/tJVLTjbew6Si/0eTmVvZOzdTWb7D:Nr3+qw7VLTjbewGsB

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Resource\TypeSupport\Unicode\Mappings\win\CP1253.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads