Overview

overview

10

Static

static

10

ampscripts.tar.gz

windows7-x64

3

ampscripts.tar.gz

windows10-2004-x64

3

sample.tar

windows7-x64

3

sample.tar

windows10-2004-x64

3

ICMP

ubuntu-22.04-amd64

7

arma

ubuntu-24.04-amd64

7

fivem.txt

windows7-x64

1

fivem.txt

windows10-2004-x64

1

fn-lag.txt

windows7-x64

1

fn-lag.txt

windows10-2004-x64

1

frantech.txt

windows7-x64

1

frantech.txt

windows10-2004-x64

1

game-clap.txt

windows7-x64

1

game-clap.txt

windows10-2004-x64

1

game-lag.txt

windows7-x64

1

game-lag.txt

windows10-2004-x64

1

game.txt

windows7-x64

1

game.txt

windows10-2004-x64

1

gamev2.txt

windows7-x64

1

gamev2.txt

windows10-2004-x64

1

gamev3.txt

windows7-x64

1

gamev3.txt

windows10-2004-x64

1

killall.txt

windows7-x64

1

killall.txt

windows10-2004-x64

1

killall1.txt

windows7-x64

1

killall1.txt

windows10-2004-x64

1

ldap.txt

windows7-x64

1

ldap.txt

windows10-2004-x64

1

ldapv2.txt

windows7-x64

1

ldapv2.txt

windows10-2004-x64

1

mdns.txt

windows7-x64

1

mdns.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/07/2024, 08:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    game.txt

  • Size

    148KB

  • MD5

    28b5840042a0cdf8273c30184c89aefe

  • SHA1

    bded6cfbc9fe154ab00cf13c011e173b582cb704

  • SHA256

    ae86e32b8e3ee1962c5a485652e598c8652f0d614e3846437b49765f02b079f6

  • SHA512

    6ae8e18f12e9db25f62d84dfe2e8764cf1609fb18112e40c6557308f9992e52d52777558c032533f9451c4e1b60d147991c4bf8a1d4b7607016edeb376b289c1

  • SSDEEP

    1536:Fz49+PDWUlie4Xkuj8DHoOdpuRxJmS9AbMhs6LwzXjDxbGdB+Z7Fpt1z:B

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\game.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads