5e5eaafb3547a91972fd42a2fb4b74f533ceedcbfcc7efa437e9f2027f4a7152 | Triage

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
04-04-2024 15:21

Sharing

Report Analysis Logs

General

Target

MayhemAim/README.txt
Size

197B
MD5

e4be95e0b0512b5aba854e44d9e5871f
SHA1

4645336952dc91f530b19b0e267ff6768e83ae8e
SHA256

b617deb0d2d55f73361ec88123f51852f76fc3fab1a8deb33f47c7735c742c4e
SHA512

e6ceba58606915316c9e5780e540a4d72c2ec9fe9cfeba3d66a059ad46bd9a3ae607fdb1f0b5d911e2c52981fdd2534b69082b9addbec18e7603793f5bb106ec

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs

pid	Process
1160	NOTEPAD.EXE

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
1160	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\MayhemAim\README.txt
1⤵
- Opens file in notepad (likely ransom note)
- Suspicious use of FindShellTrayWindow
PID:1160

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads