80f3d09c8da6a063b87cb75b758f13dcce3999396cd4d745ffbd87997249ad75 | Triage

Resubmissions

02/08/2024, 19:42

240802-yeqptsxcrp 9

02/08/2024, 19:39

240802-ydek6sscra 3

Analysis

max time kernel
118s
max time network
123s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
02/08/2024, 19:39

Sharing

Report Analysis Logs

General

Target

Language/ba.txt
Size

10KB
MD5

d83b65ac086da0c94d6eb57bee669c2b
SHA1

6210f62d41d44cc280f44b39accf10da28424b75
SHA256

2901b54f7621c95429658cb4edb28abd0cb5b6e257c7d9a364fc468a8b86baae
SHA512

56c7ecb4223103d81ffd11c214cceac20e7770b82fbc78a5e82e6dd9d589cc319d4689bb6d9027e5d272097e1b33ddba27a8414fcbc29f9ef68329e343004222
SSDEEP

192:ikNx8wxsv75EMVB1m6pP3z/WxdxbpXuBwBMzByzVHQnlBJ7a/NMIMx:ikLhsv75EMVB1m6pP3dzk5ww/NMIq

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs

pid	Process
2596	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Language\ba.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:2596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads