Analysis
-
max time kernel
133s -
max time network
135s -
platform
windows10-1703_x64 -
resource
win10-20240404-en -
resource tags
arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system -
submitted
29/05/2024, 14:15
Behavioral task
behavioral1
Sample
BombPartyUltra.rar
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
BombPartyUltra/ARunALL.bat
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
BombPartyUltra/BombParty.exe
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
BombParty.pyc
Resource
win10-20240404-en
Behavioral task
behavioral5
Sample
BombPartyUltra/EWordList.txt
Resource
win10-20240404-en
Behavioral task
behavioral6
Sample
BombPartyUltra/FWordlist.txt
Resource
win10-20240404-en
Behavioral task
behavioral7
Sample
BombPartyUltra/ZInstallPython.bat
Resource
win10-20240404-en
General
-
Target
BombPartyUltra/FWordlist.txt
-
Size
4.0MB
-
MD5
6bddb362a646a9a18fd04f0f417dadb9
-
SHA1
06098e22024de5b576151367ec1985d5e6e58a15
-
SHA256
28d21fce50e6b9da84b72c4ba355dfc9564233cea7c707cbfe77b32dd7ae7e0f
-
SHA512
a4ac844820dd239ac8b3e3aec9529d59ccff5cf3693e3e7f76eb43843bd0b652af1047cbe542a8aaa0f59b186421db4ebc3b3af095dc6597c5a62afd8e6262a9
-
SSDEEP
24576:5IqXvIzB07U6Sf3+kxVwY2aV6pv6aALKWgfzD:5Iq/IzB07NZkD2d6aALvazD
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 2272 NOTEPAD.EXE