Overview
overview
10Static
static
9Exec/Exec/....1.exe
windows10-1703-x64
10Exec/Exec/...32.dll
windows10-1703-x64
3Exec/Exec/...32.lib
windows10-1703-x64
3Exec/Exec/...wp.dll
windows10-1703-x64
1Exec/Exec/...uwpver
windows10-1703-x64
1Exec/Exec/...ff.bin
windows10-1703-x64
3Exec/Exec/...offver
windows10-1703-x64
1Exec/Exec/...on.txt
windows10-1703-x64
1Exec/Exec/...ts.dll
windows10-1703-x64
1Analysis
-
max time kernel
361s -
max time network
1596s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system -
submitted
19-05-2024 01:09
Behavioral task
behavioral1
Sample
Exec/Exec/Release Executor V3.1.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
Exec/Exec/dll/VMProtectSDK32.dll
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
Exec/Exec/dll/VMProtectSDK32.lib
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
Exec/Exec/dll/celeryuwp.dll
Resource
win10-20240404-en
Behavioral task
behavioral5
Sample
Exec/Exec/dll/celeryuwpver
Resource
win10-20240404-en
Behavioral task
behavioral6
Sample
Exec/Exec/dll/uwpoff.bin
Resource
win10-20240404-en
Behavioral task
behavioral7
Sample
Exec/Exec/dll/uwpoffver
Resource
win10-20240404-en
Behavioral task
behavioral8
Sample
Exec/Exec/dll/uwpversion.txt
Resource
win10-20240404-en
Behavioral task
behavioral9
Sample
Exec/Exec/scripts/scripts.dll
Resource
win10-20240404-en
General
-
Target
Exec/Exec/dll/uwpversion.txt
-
Size
5B
-
MD5
f0016f1d09aea25afcb3fb5948acbb9f
-
SHA1
5151f95ad805265d9169fb020297c97b589a90cb
-
SHA256
cc1a4126ba1a738f56187a2a2a9df4f3d3f6baa8dc966feed9d0f6e09a5a486a
-
SHA512
da19cc04a0a6cc175f056ce4bb5091cb1f7a4efa922704ddedce2aa7dbfda8e53709a81206234744d8ef34c97fd1a31ea0f62ecd41ed7977064dc5ece36477ef
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 1296 NOTEPAD.EXE