Overview

overview

7

Static

static

3

WindowsPow...er.ps1

windows7-x64

1

WindowsPow...er.ps1

windows10-2004-x64

1

WindowsPow...ls.ps1

windows7-x64

1

WindowsPow...ls.ps1

windows10-2004-x64

1

WindowsPow...er.ps1

windows7-x64

1

WindowsPow...er.ps1

windows10-2004-x64

1

WindowsPow...er.ps1

windows7-x64

1

WindowsPow...er.ps1

windows10-2004-x64

1

WindowsPow...cd.dll

windows7-x64

1

WindowsPow...cd.dll

windows10-2004-x64

1

WindowsPow...es.dll

windows7-x64

1

WindowsPow...es.dll

windows10-2004-x64

1

WindowsPow...es.dll

windows7-x64

1

WindowsPow...es.dll

windows10-2004-x64

1

WindowsPow...tc.ps1

windows7-x64

1

WindowsPow...tc.ps1

windows10-2004-x64

1

WindowsPow...es.dll

windows7-x64

1

WindowsPow...es.dll

windows10-2004-x64

1

WindowsPow...le.ps1

windows7-x64

1

WindowsPow...le.ps1

windows10-2004-x64

1

WindowsPow...s.psd1

windows7-x64

1

WindowsPow...s.psd1

windows10-2004-x64

1

WindowsPow...V.psd1

windows7-x64

1

WindowsPow...V.psd1

windows10-2004-x64

1

WindowsPow...at.xml

windows7-x64

1

WindowsPow...at.xml

windows10-2004-x64

1

WindowsPow....cdxml

windows7-x64

3

WindowsPow....cdxml

windows10-2004-x64

7

WindowsPow....cdxml

windows7-x64

3

WindowsPow....cdxml

windows10-2004-x64

7

WindowsPow...t.psd1

windows7-x64

1

WindowsPow...t.psd1

windows10-2004-x64

1

Resubmissions

15/04/2024, 17:37

240415-v66nksed8w 7

15/04/2024, 17:34

240415-v5ll1sed3z 7

15/04/2024, 17:30

240415-v3fmzsca66 3

15/04/2024, 17:27

240415-v1vdcseb8w 7

Analysis

  • max time kernel
    12s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64arch:x86image:win7-20240319-enlocale:en-usos:windows7-x64system
  • submitted
    15/04/2024, 17:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WindowsPowerShell/v1.0/Modules/UEV/UEV.psd1

  • Size

    1KB

  • MD5

    8a30691397357c37b642b6083bd68e8f

  • SHA1

    6bd0dd6950cbc497e4c4e7776ac157c1f080147f

  • SHA256

    cbc69fbe452b1d1362095a8020d4478cc8bd67d98246f003a5518ebd88b37395

  • SHA512

    7a9b8070e5bd297a7d6414cc80c1ddeff36e534ae7892aa4d463fcd3edf66305fc4c75e6c8e71e502b2e91908a3c4a03e10511b27f16dca7789b257fd50d18b2

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\System32\notepad.exe
    "C:\Windows\System32\notepad.exe" "C:\Users\Admin\AppData\Local\Temp\WindowsPowerShell\v1.0\Modules\UEV\UEV.psd1"
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads