Analysis
-
max time kernel
132s -
max time network
138s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system -
submitted
29/05/2024, 14:15
Behavioral task
behavioral1
Sample
BombPartyUltra.rar
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
BombPartyUltra/ARunALL.bat
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
BombPartyUltra/BombParty.exe
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
BombParty.pyc
Resource
win10-20240404-en
Behavioral task
behavioral5
Sample
BombPartyUltra/EWordList.txt
Resource
win10-20240404-en
Behavioral task
behavioral6
Sample
BombPartyUltra/FWordlist.txt
Resource
win10-20240404-en
Behavioral task
behavioral7
Sample
BombPartyUltra/ZInstallPython.bat
Resource
win10-20240404-en
General
-
Target
BombPartyUltra/EWordList.txt
-
Size
5.7MB
-
MD5
6eb86b9cca4bdeead7beffda6bf24e04
-
SHA1
8c52bc0769a138c9d164569a90b5f194926dc8c7
-
SHA256
201dc479eedf58d1a79203a4bc6b0c6deb11735e44a8129046286179e24c192d
-
SHA512
9301b1cecfe3e9cd15a3e6fa5c764c761e88b40197d709f2d9322944f5a0a91a36c5054c8925d5f0258d655ebbd1c15dce3c66ef8d2655ac1768400317f54d9f
-
SSDEEP
49152:BLYdMYZzRvMRIqyLZqYxV4pfeTANnkVCG69S635IBTO/KFnkCTvgpaQw+wXxhvqN:v
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 1120 NOTEPAD.EXE