Analysis
-
max time kernel
1770s -
max time network
1431s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system -
submitted
03-06-2024 23:44
Static task
static1
Behavioral task
behavioral1
Sample
readme.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
tin-safety.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
tin.exe
Resource
win10v2004-20240226-en
General
-
Target
readme.txt
-
Size
1KB
-
MD5
cc8d237a0a072031c67fa156876f2c0c
-
SHA1
86604975ccd6944413cf59d4d7194c91e668c291
-
SHA256
3c313ff1dedbc1952ef92fcecc652ca7c1e082e7564bc4c700d719eb61bab160
-
SHA512
499ec24984d44fe5c4b0caa0414199feaaf2fc8c34682df4326a739ab78204817a8189909f4a3ef404ea380ccb06572576a066bae5dfe32469c865d09675d28b
Malware Config
Signatures
-
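Opens file in notepad (likely ransom note) - 1 IoC
pid 388, process NOTEPAD.EXE. In this task the file Notepad opens is the submitted sample itself (readme.txt, see the command line under Processes), so the signature appears to reflect the sandbox opening a .txt sample with its default handler; on its own it does not show that a ransom note was dropped.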
Processes
-
C:\Windows\system32\NOTEPAD.EXE
Command line: C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\readme.txt
- Opens file in notepad (likely ransom note)
PID:388
-
C:\Windows\System32\rundll32.exe
Command line: C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
PID:4124
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
1KB
MD5: b886b587ae0f354148212f8e1398cbe8
SHA1: f85b92ffe650e3148f5c47432860fd2ace798e6b
SHA256: 3f8aee449bd30f0eb03ebfe52b1be1eea076085bf230ca9bd549c8d5d3f1e756
SHA512: a4ac03eaac57c983b26df0cc51972df919ff0e3b09dd3eb398ba447c32633341b188914fa9b05b4afc1e9ce99b3414978d8ec05e60234e8f689f6499e4c4a4ef
-
Filesize
1KB
MD5: 856127c0b5522ccfbf73080a7c6c85e2
SHA1: 5cc21bc6be3f77d25e2e8ebfdd1a8ccc7e59572c
SHA256: 2c2ef24b9f59f37619ab1d3fbf8ce9b2a907aad169c745c90d8d9c24588d1339
SHA512: 66672fd2962facb2f8b205e636478c8c65050337422d0fe04b0f0721f46496726dc692d970fe7c448cff6c8f34a979baade36919ff3944bc991c2ee58044199e
-
Filesize
30KB
MD5: c186ef70e6825d333e0077831c58baaa
SHA1: 13164d000f4e7dfcb5b73b837944efb7c8e4df2f
SHA256: 4f3a12fc3e94b4fd72989532b43f9d98a6afa4792493e308ab8dac43e5d3748e
SHA512: 02680c6ffac6753a32d1505b9489f5f215e47ebdd0df3c0b26746956044f1cdd33f5edace41dabc7bcc0b7340d31619b580655d8400f08a1549c99bc0bd9c394
-
Filesize
165KB
MD5: ed700f1552e668ee3b7e28d4b1c0a5f5
SHA1: c620f8ab8c725ba70cf4d785035c795baaf307e1
SHA256: e856ac7870bc9ed7a02e09ff0548c880746fdae08401e059b853478dbf034626
SHA512: 02bb9d6dc7ecfa3b31eb4b8cfae27c03d7f3d5da2be06f858f843172491281f3cd43d607321c9889d3c1476183a340f2993b5dc922072d8fffd3e45a8a5ca8e0
-
Filesize
276B
MD5: 2cc83d93dd1dde691158cf5e9882420b
SHA1: 49bfdc6e1e73e09a0dec345ca15b72d167add3b6
SHA256: 455ec4f5b15557762b893388b591ca9f3e822675ab94fc6664aa4ec8c41cb295
SHA512: e67f883a016b7a410f4461492bce124421bddccf4544322b9a460a56df469170b2323fd0325e2cf928193fb6a1323c31cb0d464097f25d2f9b11af3bf9ca1b4d
-
Filesize
1KB
MD5: eb33f5192061130474d940d542829d83
SHA1: 885459aab6d94a4e3aea0188d5f39ee7502f0d59
SHA256: e591a0cb170f2878ad6078865db3ebb2961693e93903f57cde04fee6e5d51530
SHA512: 89c61bc55c0170cd008cb6c847041fa4642f197e620f5ba4b99012c7fc6d042b1c051ef7071b8fcd051c82d806bb33abb08a76ed6ea916fd4d4e1ad186ea2403
-
Filesize
219B
MD5: 286a9edb379dc3423a528b0864a0f111
SHA1: 18db3e3dfb6b1d4dc9bc2226109112466de28db0
SHA256: 6f533ccc79227e38f18bfc63bfc961ef4d3ee0e2bf33dd097ccf3548a12b743b
SHA512: 588720a82941b44338196f1808b810fecbbc56cb9979628f1126048c28f80b946314092a8dd26f5e7aca234b7163c4b9c1283a65c9b36be2a4da9966feb8b2cb
-
Filesize
92B
MD5: 23cf8138f49416231807e6de371fb9e6
SHA1: 973672eeae5a05447e47395cde37e8121b7c90fe
SHA256: 6b3d6e268dcb76e175a7db3d9e031349ab2c32654c7e57581a851e64dd6214ab
SHA512: 42ae18a96645289cb0246d545daa955d2fb0784993726414d0bc723dfb58b33cf11bb6b62ba7f5a3765e0c6c5713e8a02cd63638877ca032b82d4806e79950cf
-
Filesize
381KB
MD5: d0f06dfe065d480846a96547704962a1
SHA1: 25774772beb875ad08548a76d411ac61342de75a
SHA256: 2894aa9ce588c8a5b3a8cb6d66cddd27410487b4eccf00a02cf14393db47feb3
SHA512: 8e590ccfed137f25056ab0180c1f63bc486c4b2c1f7c62f27501e16e88c0df1b19d05a719e16027bfa926380526fc395cdc35f16eb2a7e0abd0788d7a38ba969
-
Filesize
86KB
MD5: 29fa3abf8498e05a3c7da6229d87ca20
SHA1: 66a81d4913a0c55d6f983de502df37d0cc5a5a37
SHA256: 9540ca5f8874cfd2e8028923581430be48cd3b6fccfbb4835b471b9e867b334f
SHA512: a0caed283fcfc113c5d8e0e32cc0c1bb33799aac27881cc4bbd23c82354455f2ed54de54f765e247cd955476b6986fee8b95869d5b87be1b8ace1fc90b7a4cae
-
Filesize
395KB
MD5: 76e933518ce70f771a1ac3ae77cceeb1
SHA1: 1534b2ea46d32e17c493be71edc438170d011048
SHA256: 37c6e6ad897eacf1afbfd757d2a2b3cd34a069481a95654d9fe8e62b6d48a499
SHA512: 9322723a6c0c13c5b939d942d58ea877375154b75894acf8484133ad5345d959898df4f933a387ee43deec6ca6b1a780ec6619dae14822ac0c4c34efbf10021e
-
Filesize
81KB
MD5: 379e5a62729b3f11dae2a788fee685a6
SHA1: ffbb0d3261283088bd9a6e9bfec168e5fabec7e4
SHA256: 1ca819d4ed56eebd4fef2886487b0b0a5cb867ac0d9c15cb4f3d8bc282c65275
SHA512: 49a9cdd0b707b9d3693bcb57b17a87e7af031b6969453a8331e7e95ce966c5e1d974ffff11bc4ad5ea81c86cd776116de423a6515a43ae01b975904438cbe1d3
-
Filesize
168KB
MD5: d19c4e2ac7a15a8ee0449e064d42caf2
SHA1: 7c76b45126d99e0be5cf5606b2782210e1361b37
SHA256: 9d64313f303aae37d6186843d4b5137d07590ead89299209ed6bb24c501fe898
SHA512: db47db432511c0df5ab5411061bef523a9187671710a8d92d1550630d5303ea7f03bc5ef0cd0ceaeb8c30181fcb9f0c02151aee029ff6d719decc940c65efddf
-
Filesize
195KB
MD5: 7fa6c7a8401e9107ee0b97cc071ffd06
SHA1: bb5e186f4fa27543c242329a5a7a852f1033aad6
SHA256: 8cffd7c4b3684ccae656fcf42c0fcc10277f2e9fb20bafd34dc3e7a7cfd1f814
SHA512: 07a358dc47b681b6032e6b6679a8a96fec99979bfe7ff1d4a933f038fd528df856bbe232a11bfd05a5be4562f0d0ebeedefb2e92500c9bb41199342c173d1ac5
-
Filesize
171KB
MD5: 8e16d5fb5a327b485dbdaa1618ba88e0
SHA1: 0c189cdbb7662a3ebe9157636b666285db338044
SHA256: 35c2746e3826fee257685d6e031e5adde0dca5b03988c137a5619035bacd6a98
SHA512: 945d4b77c105e0d44e8943f1cd9791580937d50c041c5a42665149595a3bfe0e60752987823615b0ab2d8bdffe9ead598a63b5b3a8edfe978267fe17368bbdda
-
Filesize
208KB
MD5: 50e19e7ffcc48878c5a2cfbe4f80be4f
SHA1: f2ec9fa8a1a084f8d63c201f72d994eb73588f4a
SHA256: 9b866addabe851abe05861fb1644619040970911f1284db9e3ea0055cc2d93a0
SHA512: b4927aa8237e3667ba8e58d522021284a184de2c399a4addda1dc76f13e928fb2bf44513696bfaebdc327042fb2245c6ea61f11169d85e0d8f2b15e1c13bbc5e
-
Filesize
170KB
MD5: 61737c9efdaa729f78ee3c78e0a57534
SHA1: 9e4018393f97928d0d9a1a3034c3d2605be1535a
SHA256: 88acf3b26535d00d0b68bd45e4be798ad79dd0f32086c72cf5bd4fba406668d8
SHA512: 12e14166cf174ad16370cb5f0b331cc2b08dbd76da154dc6f055f1c21b7a2d700ccd4f4483184ee5c2c8f9f850948edfd3f59791a2eea6d0f85b3e1e4a99b515
-
Filesize
191KB
MD5: 9ceed525058366d7aab02e3b2946ef33
SHA1: bad5b8e44cd462b53b6e768523f60e9d79ab2d37
SHA256: e3c9be35e351ff470536ba97c345cc72e821b839a704b74a8fcfd54bfbe19cf9
SHA512: e44e56a005ccae30c4d53c15a973ceaf72f4f617a3ee65ceb92169c26b912b1725e2116e9bc09f062d6af59587ba41427dfc3cbe3661e2797cfb5516edd8dc95
-
Filesize
170KB
MD5: 80a338b1029ca48be813c9d31919ad80
SHA1: 9f7a43be779c51c4038f6637f3bb44a015255714
SHA256: 47e71f40f561c8a360018f98b98ccde13a3b054675aa5f83866139ff81459a6d
SHA512: 3f0ffee36ce7a4fa340cb5e2649418ee7d35204d927aef3a95a82ccb0e4d729bfacdccf72388f2bb7a326c88556b7c9f62350b88fc0acd96b1936544bfba498e
-
Filesize
198KB
MD5: 62fccb002f87090379c02bf17dd982f5
SHA1: ab84c05080cafc02993f8b689267e8d147050156
SHA256: 46c6f75e4db12ded5064356f31a88731d3636c460db5e34d8105e6daee5681d9
SHA512: f2aa41843f48266be0f3f49079725c02f91c46461e0dbfd14df52b79919bd26e4f854af5ccfa190292cc42dfd0114937ba155c8fdf6a759ac28036308d0a7d63
-
Filesize
123KB
MD5: 3dd6d73a9bd330761875d99cb167d393
SHA1: ea492639e5c74db2733c2e8f089653259188a391
SHA256: 082f4061e0bce65a115c095229f5149f0f21828babd7ea6f4a073a58320e7b9f
SHA512: 5438385d176c257a89fe9df6f6d8c3135d5ebaef4beaadf742a9d9e6dd67adf5abbb05417e97e9ed7972eaed9d2064cbfc6797b20f1a71e0a415f0add3d5c28b
-
Filesize
129KB
MD5: 6e56587da8cf0d924b2f62ae7283e795
SHA1: 4d6c4a76c1a6a18bf923e2d4c3219c642c84e672
SHA256: 1ff4ba196dcdc5bf880ba03e506fa58f9369e841a34013d1f377c28041e78351
SHA512: 21f4016aff123faa1753517d48a759d3f448dbf8dc4a26f209c0152cb8b9d9441f13c052639e022b9afb45237b8e647c5b206ccb5b5ff9474a38a2600d991e70
-
Filesize
123KB
MD5: 9fac291f79714e0c91f770f3fc816b79
SHA1: fc37c6acc862a7727c964b418b8e459f5d0549a5
SHA256: 7ca39089591590d11d0646fbabfe60e62e7ec5d0f5d9da24717d5088e6c3cc8a
SHA512: cac75ec803bbeee002ba49c91c4d8a6be5dcac477b9915a0d34fe5f7af39f40c53d7793f1a81c8415017fb5deb639b5d8aade6ce2048d02a9a0190ed69cd3590
-
Filesize
135KB
MD5: ad0db0c654535e25f77cd5d6d1aecdee
SHA1: b1ccc0c3569dbaaaa139e1c77978a31c453f71b2
SHA256: af1ccd58655ad736f8a3f7793fadcf96fcb469cc0e2a9869e7e0dc9d00ba5765
SHA512: 63cbc269440dbd44accae273eceff388e5b3345132a1747136fc8b5a5d0053dd5c609f569f527cbd0442afe730d8cf8796619be8bd1c335344778f31064c33cd