Overview

overview

10

Static

static

9

Exec/Exec/....1.exe

windows10-1703-x64

10

Exec/Exec/...32.dll

windows10-1703-x64

3

Exec/Exec/...32.lib

windows10-1703-x64

3

Exec/Exec/...wp.dll

windows10-1703-x64

1

Exec/Exec/...uwpver

windows10-1703-x64

1

Exec/Exec/...ff.bin

windows10-1703-x64

3

Exec/Exec/...offver

windows10-1703-x64

1

Exec/Exec/...on.txt

windows10-1703-x64

1

Exec/Exec/...ts.dll

windows10-1703-x64

1

Analysis

  • max time kernel
    361s
  • max time network
    1596s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    19-05-2024 01:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Exec/Exec/dll/uwpversion.txt

  • Size

    5B

  • MD5

    f0016f1d09aea25afcb3fb5948acbb9f

  • SHA1

    5151f95ad805265d9169fb020297c97b589a90cb

  • SHA256

    cc1a4126ba1a738f56187a2a2a9df4f3d3f6baa8dc966feed9d0f6e09a5a486a

  • SHA512

    da19cc04a0a6cc175f056ce4bb5091cb1f7a4efa922704ddedce2aa7dbfda8e53709a81206234744d8ef34c97fd1a31ea0f62ecd41ed7977064dc5ece36477ef

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Exec\Exec\dll\uwpversion.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads