Overview
overview
6Static
static
3TerrariaFI...ix.dll
windows7-x64
1TerrariaFI...ix.dll
windows10-2004-x64
1TerrariaFI...ix.ini
windows7-x64
1TerrariaFI...ix.ini
windows10-2004-x64
1TerrariaFI...ix.url
windows7-x64
6TerrariaFI...ix.url
windows10-2004-x64
6TerrariaFI...IS.url
windows7-x64
1TerrariaFI...IS.url
windows10-2004-x64
1TerrariaFI...pi.dll
windows7-x64
1TerrariaFI...pi.dll
windows10-2004-x64
1TerrariaFI...pi.dll
windows7-x64
1TerrariaFI...pi.dll
windows10-2004-x64
1Analysis
-
max time kernel
136s -
max time network
100s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
17/05/2024, 18:52
Static task
static1
Behavioral task
behavioral1
Sample
TerrariaFIX.V2/OnlineFix.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
TerrariaFIX.V2/OnlineFix.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
TerrariaFIX.V2/OnlineFix.ini
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
TerrariaFIX.V2/OnlineFix.ini
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
TerrariaFIX.V2/OnlineFix.url
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
TerrariaFIX.V2/OnlineFix.url
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
TerrariaFIX.V2/Pivigames.blog - Descarga JUEGOS GRATIS.url
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
TerrariaFIX.V2/Pivigames.blog - Descarga JUEGOS GRATIS.url
Resource
win10v2004-20240426-en
Behavioral task
behavioral9
Sample
TerrariaFIX.V2/steam_api.dll
Resource
win7-20240215-en
Behavioral task
behavioral10
Sample
TerrariaFIX.V2/steam_api.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
TerrariaFIX.V2/steam_api.dll
Resource
win7-20240508-en
Behavioral task
behavioral12
Sample
TerrariaFIX.V2/steam_api.dll
Resource
win10v2004-20240508-en
General
-
Target
TerrariaFIX.V2/OnlineFix.ini
-
Size
4KB
-
MD5
f0739c9b20b0c32df1ebe1f70262d4a0
-
SHA1
6b1045a9144d18da2032dfa45edbd086b15071cf
-
SHA256
2778cc0a1891975dab80931c74f045f198d7b6b1019f04e1ef296ba75acaf88c
-
SHA512
5a07d172208af503b1ee5a14f965723f34e2a987cf742f6a727674af1eadaf9d81ab10a97787e293b197dc67763ca44bf05f036141059a87f54feb6ce6b3417c
-
SSDEEP
96:PN4laNjljw4O4bgdd2HmI98A/W+0/kW73/UprF+x4q4+sHHuxMKnip:RNjljw4ODd2HWD/L74rIWL+6HuiKip
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 2116 NOTEPAD.EXE