Overview

overview

4

Static

static

4

HDDScan.zip

windows7-x64

1

HDDScan.zip

windows10-2004-x64

1

HDDScan.exe

windows7-x64

3

HDDScan.exe

windows10-2004-x64

3

res/DEFECTSL.xml

windows7-x64

1

res/DEFECTSL.xml

windows10-2004-x64

1

res/DEFECTSP.xml

windows7-x64

1

res/DEFECTSP.xml

windows10-2004-x64

1

res/Flash.ini

windows7-x64

1

res/Flash.ini

windows10-2004-x64

1

res/IDEID.xml

windows7-x64

1

res/IDEID.xml

windows10-2004-x64

1

res/SCSIID.xml

windows7-x64

1

res/SCSIID.xml

windows10-2004-x64

1

res/SMART.xml

windows7-x64

1

res/SMART.xml

windows10-2004-x64

1

res/SMART_SCSI.xml

windows7-x64

1

res/SMART_SCSI.xml

windows10-2004-x64

1

res/TEST.xml

windows7-x64

1

res/TEST.xml

windows10-2004-x64

1

res/User Manual.pdf

windows7-x64

1

res/User Manual.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    82s
  • max time network
    93s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/04/2024, 17:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    res/Flash.ini

  • Size

    2KB

  • MD5

    7e33f7c3bb00eb9b355c113c7adb3717

  • SHA1

    fb7688037228d999e3059918c02553e544984a89

  • SHA256

    ea04e9e899ea413d2d6c895df2f6e880e079dae0e2f80e10ad0b0274aa17f30f

  • SHA512

    d6590b9bdef84d53090141a7d9914d67ea1effb14132f724f2b569ccec06d0eb309fb42fd89d85dde9342a83c6f19858c91a4736da76491a533da4b23358bd73

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\res\Flash.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads