80f3d09c8da6a063b87cb75b758f13dcce3999396cd4d745ffbd87997249ad75 | Triage

Resubmissions

02-08-2024 19:42

240802-yeqptsxcrp 9

02-08-2024 19:39

240802-ydek6sscra 3

Analysis

max time kernel
90s
max time network
133s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
02-08-2024 19:39

Sharing

Report Analysis Logs

General

Target

Language/ar.txt
Size

12KB
MD5

1c45e6a6ecb3b71a7316c466b6a77c1c
SHA1

04bf837911fa31ffca8e034158714b47f6489d38
SHA256

972261b53289de2bd8a65e787a6e7cd6defc2b5f7e344128f2fe0492ed30ccf1
SHA512

5358bb2346c9f23318492b5e7d208e37a703c70d62014426eadd2dd8cda0b91c9d9c2a62eafe0137faefb38bf727fd4d5d8dc18394784ccae75ae9550558e193
SSDEEP

384:7+CIwRJQh3hY4+6TRxAFqpdQbCs7ZpN4QyRl3fcxMZXj4V/2QT:LJi3K4+60Fqpd8Cs7ZpNryRl3fcxMZX6

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs

pid	Process
4528	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Language\ar.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:4528

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads