Overview
overview
3Static
static
3_16ec2e4e-..._2.zip
windows10-1703-x64
1_16ec2e4e-...67.zip
windows10-1703-x64
1_16ec2e4e-...67.zip
windows10-1703-x64
116ec2e4e-6...67.xml
windows10-1703-x64
1CyveraSystem.reg
windows10-1703-x64
1Logs/Traps...tl.001
windows10-1703-x64
3Logs/Traps...tl.002
windows10-1703-x64
3Logs/Traps...tl.003
windows10-1703-x64
3Logs/Traps...tl.001
windows10-1703-x64
3Logs/Traps...tl.002
windows10-1703-x64
3Logs/Traps...tl.003
windows10-1703-x64
3Logs/Traps...tl.004
windows10-1703-x64
3Logs/Traps...tl.001
windows10-1703-x64
3Logs/Traps...tl.002
windows10-1703-x64
3Logs/Traps...tl.003
windows10-1703-x64
3Logs/Traps...tl.001
windows10-1703-x64
3Logs/Traps...tl.002
windows10-1703-x64
3Logs/Traps...tl.003
windows10-1703-x64
3Logs/adapt...log.gz
windows10-1703-x64
3Logs/adapt...log.gz
windows10-1703-x64
3Logs/adapt...log.gz
windows10-1703-x64
3Logs/adapt...log.gz
windows10-1703-x64
3Logs/adapt...log.gz
windows10-1703-x64
3Logs/adapt...cy.log
windows10-1703-x64
1Logs/corte...ad.log
windows10-1703-x64
1Logs/cytool.log
windows10-1703-x64
1Logs/cytoo...rb.log
windows10-1703-x64
1Logs/foren...ts.log
windows10-1703-x64
1Logs/foren....log.1
windows10-1703-x64
3Logs/foren....log.2
windows10-1703-x64
3Logs/foren....log.3
windows10-1703-x64
3Logs/foren....log.4
windows10-1703-x64
3Analysis
-
max time kernel
125s -
max time network
136s -
platform
windows10-1703_x64 -
resource
win10-20240221-en -
resource tags
arch:x64arch:x86image:win10-20240221-enlocale:en-usos:windows10-1703-x64system -
submitted
18/03/2024, 19:41
Static task
static1
Behavioral task
behavioral1
Sample
_16ec2e4e-6cf7-4e69-b2f3-676c8263db67_2.zip
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral2
Sample
_16ec2e4e-6cf7-4e69-b2f3-676c8263db67.zip
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral3
Sample
_16ec2e4e-6cf7-4e69-b2f3-676c8263db67.zip
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral4
Sample
16ec2e4e-6cf7-4e69-b2f3-676c8263db67.xml
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral5
Sample
CyveraSystem.reg
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral6
Sample
Logs/Traps_native_log.8.1.0.41560.etl.001
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral7
Sample
Logs/Traps_native_log.8.1.0.41560.etl.002
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral8
Sample
Logs/Traps_native_log.8.1.0.41560.etl.003
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral9
Sample
Logs/Traps_native_log.8.1.1.43337.etl.001
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral10
Sample
Logs/Traps_native_log.8.1.1.43337.etl.002
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral11
Sample
Logs/Traps_native_log.8.1.1.43337.etl.003
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral12
Sample
Logs/Traps_native_log.8.1.1.43337.etl.004
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral13
Sample
Logs/Traps_native_log.8.1.2.47081.etl.001
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral14
Sample
Logs/Traps_native_log.8.1.2.47081.etl.002
Resource
win10-20240214-en
windows10-1703-x64
Behavioral task
behavioral15
Sample
Logs/Traps_native_log.8.1.2.47081.etl.003
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral16
Sample
Logs/Traps_native_log.8.2.0.46986.etl.001
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral17
Sample
Logs/Traps_native_log.8.2.0.46986.etl.002
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral18
Sample
Logs/Traps_native_log.8.2.0.46986.etl.003
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral19
Sample
Logs/adaptive_policy.1.log.gz
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral20
Sample
Logs/adaptive_policy.2.log.gz
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral21
Sample
Logs/adaptive_policy.3.log.gz
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral22
Sample
Logs/adaptive_policy.4.log.gz
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral23
Sample
Logs/adaptive_policy.5.log.gz
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral24
Sample
Logs/adaptive_policy.log
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral25
Sample
Logs/cortex-xdr-payload.log
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral26
Sample
Logs/cytool.log
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral27
Sample
Logs/cytool.taylorb.log
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral28
Sample
Logs/forensic_scripts.log
Resource
win10-20240214-en
windows10-1703-x64
Behavioral task
behavioral29
Sample
Logs/forensic_scripts.log.1
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral30
Sample
Logs/forensic_scripts.log.2
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral31
Sample
Logs/forensic_scripts.log.3
Resource
win10-20240221-en
windows10-1703-x64
Behavioral task
behavioral32
Sample
Logs/forensic_scripts.log.4
Resource
win10-20240221-en
windows10-1703-x64
General
-
Target
Logs/cytool.taylorb.log
-
Size
610B
-
MD5
a02a7c177211554091d2ca809737a19f
-
SHA1
a90d9eb1c6b18bf0b906fa2dcef557e45488ee4a
-
SHA256
b70b4dc5dba129baa9dbd63879704f020ab917c4a37eb3c0ac80123da5b8d8e3
-
SHA512
ff47a365bbafaebae06cba6332936ea7d0d2f28dc999529169c5e93768326f9814bf05ef35b70224a66c4b693d89aabdc10e39957e4703cd4b1289f7f451165f
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 3448 NOTEPAD.EXE