Overview
overview
10Static
static
10Protect.rar
windows7-x64
3Protect.rar
windows10-2004-x64
3Protect/Co...on.dll
windows7-x64
1Protect/Co...on.dll
windows10-2004-x64
1Protect/Core.dll
windows7-x64
1Protect/Core.dll
windows10-2004-x64
1Protect/Co...config
windows7-x64
3Protect/Co...config
windows10-2004-x64
3Protect/Custom.txt
windows7-x64
1Protect/Custom.txt
windows10-2004-x64
1Protect/Guna.UI2.dll
windows7-x64
1Protect/Guna.UI2.dll
windows10-2004-x64
1Protect/Hardening.dll
windows7-x64
1Protect/Hardening.dll
windows10-2004-x64
1Protect/Ha...config
windows7-x64
3Protect/Ha...config
windows10-2004-x64
3Protect/Runtime.dll
windows7-x64
1Protect/Runtime.dll
windows10-2004-x64
1Protect/SE...config
windows7-x64
3Protect/SE...config
windows10-2004-x64
3Protect/Saved.txt
windows7-x64
1Protect/Saved.txt
windows10-2004-x64
1Protect/VMUtils.dll
windows7-x64
1Protect/VMUtils.dll
windows10-2004-x64
1Protect/Webhook.txt
windows7-x64
1Protect/Webhook.txt
windows10-2004-x64
1Protect/bi...IT.exe
windows7-x64
10Protect/bi...IT.exe
windows10-2004-x64
10Protect/dnlib.dll
windows7-x64
1Protect/dnlib.dll
windows10-2004-x64
1Protect/dnlib.xml
windows7-x64
1Protect/dnlib.xml
windows10-2004-x64
1Analysis
-
max time kernel
121s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
24-05-2024 15:33
Behavioral task
behavioral1
Sample
Protect.rar
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral2
Sample
Protect.rar
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
Protect/CodeEncryption.dll
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral4
Sample
Protect/CodeEncryption.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Protect/Core.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral6
Sample
Protect/Core.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Protect/Core.dll.config
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral8
Sample
Protect/Core.dll.config
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Protect/Custom.txt
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral10
Sample
Protect/Custom.txt
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Protect/Guna.UI2.dll
Resource
win7-20240419-en
windows7-x64
Behavioral task
behavioral12
Sample
Protect/Guna.UI2.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Protect/Hardening.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral14
Sample
Protect/Hardening.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Protect/Hardening.dll.config
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral16
Sample
Protect/Hardening.dll.config
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Protect/Runtime.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
Protect/Runtime.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Protect/SECURE BYTE GUI.exe.config
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral20
Sample
Protect/SECURE BYTE GUI.exe.config
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Protect/Saved.txt
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral22
Sample
Protect/Saved.txt
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Protect/VMUtils.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral24
Sample
Protect/VMUtils.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Protect/Webhook.txt
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral26
Sample
Protect/Webhook.txt
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Protect/bimno1-JIT.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral28
Sample
Protect/bimno1-JIT.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Protect/dnlib.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral30
Sample
Protect/dnlib.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Protect/dnlib.xml
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral32
Sample
Protect/dnlib.xml
Resource
win10v2004-20240226-en
windows10-2004-x64
General
-
Target
Protect/Custom.txt
-
Size
6B
-
MD5
77d4f35d1d9a17a5503b51b5a150e897
-
SHA1
85fe58af866686ca2932c6fcb2808beb00e0f1d5
-
SHA256
0507c9fc0c92e98858ad4b93e4e8f2e131f7ee8e705673c78a0701b962463a9c
-
SHA512
80dbd56996fc9103397d8b3dfabdf436eac29ba242e2c65b16ef0d7ddf3cdee51785893c5042dac8f6719b347d9863c7a0560d25380f043ae2563c86c55f8df4
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
Processes:
NOTEPAD.EXEpid process 2208 NOTEPAD.EXE