Overview

overview

10

Static

static

10

ampscripts.tar.gz

windows7-x64

3

ampscripts.tar.gz

windows10-2004-x64

3

sample.tar

windows7-x64

3

sample.tar

windows10-2004-x64

3

ICMP

ubuntu-22.04-amd64

7

arma

ubuntu-24.04-amd64

7

fivem.txt

windows7-x64

1

fivem.txt

windows10-2004-x64

1

fn-lag.txt

windows7-x64

1

fn-lag.txt

windows10-2004-x64

1

frantech.txt

windows7-x64

1

frantech.txt

windows10-2004-x64

1

game-clap.txt

windows7-x64

1

game-clap.txt

windows10-2004-x64

1

game-lag.txt

windows7-x64

1

game-lag.txt

windows10-2004-x64

1

game.txt

windows7-x64

1

game.txt

windows10-2004-x64

1

gamev2.txt

windows7-x64

1

gamev2.txt

windows10-2004-x64

1

gamev3.txt

windows7-x64

1

gamev3.txt

windows10-2004-x64

1

killall.txt

windows7-x64

1

killall.txt

windows10-2004-x64

1

killall1.txt

windows7-x64

1

killall1.txt

windows10-2004-x64

1

ldap.txt

windows7-x64

1

ldap.txt

windows10-2004-x64

1

ldapv2.txt

windows7-x64

1

ldapv2.txt

windows10-2004-x64

1

mdns.txt

windows7-x64

1

mdns.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 08:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    gamev3.txt

  • Size

    375KB

  • MD5

    aebcb7e770c7741c1190625c21e83b97

  • SHA1

    e42f70b264aa70defccb227f56935a4e08787363

  • SHA256

    c8ed79a15cd88b0f01fe59b7f8e4969bf3bb8b82ae8e0a0fe48578eb6199e072

  • SHA512

    e432ecaaa58f1fcd7d5ea8ec265c24cc2f699ade0a5b935bf90cbf67ff640ca4c02b1f3f73eed88af97e1cc5113220cdf12148863ab5f3775711e09f1375e743

  • SSDEEP

    3072:fOmB8GL0oZ0Yt0l7PDayErQfOG90eYYKog:fh8GLr0YOda9rQT0evKB

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\gamev3.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads