Overview

overview

7

Static

static

3

colorbot.rar

windows7-x64

3

colorbot.rar

windows10-2004-x64

3

colorbot/a...ce.exe

windows7-x64

7

colorbot/a...ce.exe

windows10-2004-x64

7

aimsource.pyc

windows7-x64

3

aimsource.pyc

windows10-2004-x64

3

colorbot/config.txt

windows7-x64

1

colorbot/config.txt

windows10-2004-x64

1

colorbot/k...st.txt

windows7-x64

1

colorbot/k...st.txt

windows10-2004-x64

1

colorbot/l...ch.txt

windows7-x64

1

colorbot/l...ch.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    12-05-2024 07:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    colorbot/keybind_list.txt

  • Size

    889B

  • MD5

    e8c3de689dc6a04cf52b3fc2e33f0aab

  • SHA1

    a588377a5474574588af6e0469e74ca02000c5cc

  • SHA256

    a755aa88fbfc896c505d8bd81bff8983ad21cfaa792fc91088b2e00a0898c6c0

  • SHA512

    4097639ef05ebef55b771211d99a293c5bbbd2cc2ed5863f320cd514536636ae434790245a63eaa430bd2d1f05de1ee7920c6351c4f16cb89816942bb2332441

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\colorbot\keybind_list.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads