Overview

overview

3

Static

static

3

_16ec2e4e-..._2.zip

windows10-1703-x64

1

_16ec2e4e-...67.zip

windows10-1703-x64

1

_16ec2e4e-...67.zip

windows10-1703-x64

1

16ec2e4e-6...67.xml

windows10-1703-x64

1

CyveraSystem.reg

windows10-1703-x64

1

Logs/Traps...tl.001

windows10-1703-x64

3

Logs/Traps...tl.002

windows10-1703-x64

3

Logs/Traps...tl.003

windows10-1703-x64

3

Logs/Traps...tl.001

windows10-1703-x64

3

Logs/Traps...tl.002

windows10-1703-x64

3

Logs/Traps...tl.003

windows10-1703-x64

3

Logs/Traps...tl.004

windows10-1703-x64

3

Logs/Traps...tl.001

windows10-1703-x64

3

Logs/Traps...tl.002

windows10-1703-x64

3

Logs/Traps...tl.003

windows10-1703-x64

3

Logs/Traps...tl.001

windows10-1703-x64

3

Logs/Traps...tl.002

windows10-1703-x64

3

Logs/Traps...tl.003

windows10-1703-x64

3

Logs/adapt...log.gz

windows10-1703-x64

3

Logs/adapt...log.gz

windows10-1703-x64

3

Logs/adapt...log.gz

windows10-1703-x64

3

Logs/adapt...log.gz

windows10-1703-x64

3

Logs/adapt...log.gz

windows10-1703-x64

3

Logs/adapt...cy.log

windows10-1703-x64

1

Logs/corte...ad.log

windows10-1703-x64

1

Logs/cytool.log

windows10-1703-x64

1

Logs/cytoo...rb.log

windows10-1703-x64

1

Logs/foren...ts.log

windows10-1703-x64

1

Logs/foren....log.1

windows10-1703-x64

3

Logs/foren....log.2

windows10-1703-x64

3

Logs/foren....log.3

windows10-1703-x64

3

Logs/foren....log.4

windows10-1703-x64

3

Analysis

  • max time kernel
    123s
  • max time network
    134s
  • platform
    windows10-1703_x64
  • resource
    win10-20240214-en
  • resource tags

    arch:x64arch:x86image:win10-20240214-enlocale:en-usos:windows10-1703-x64system
  • submitted
    18/03/2024, 19:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Logs/forensic_scripts.log

  • Size

    3.4MB

  • MD5

    29d687ba6d0bccdf5a73f7331df6f7a7

  • SHA1

    bdbe7d9bc00333776871334036c1c114e44aa920

  • SHA256

    ae6a00f469789f6b50fddaf515097e228fee2bafc0d71c1b0cf98a8d8e3fa920

  • SHA512

    583da257f402dd701d21b444ad806b7e4212c213fef76c1e8b87934c1a16221de3feb79f7f4fc7275673c9357496d16aaa3c45953bd9f25e66093dc4542a04df

  • SSDEEP

    24576:Dv0SNMYz3z6LBal/eP4r36wK3jUTn+3EBRBdxzfh7kjaxZ2t3F0MwpDfRP2MJS2C:Y

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Logs\forensic_scripts.log
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads