Overview
overview
10Static
static
10MailRanger...YZ.txt
windows10-2004-x64
1MailRanger...YZ.txt
windows11-21h2-x64
3MailRanger...er.exe
windows10-2004-x64
7MailRanger...er.exe
windows11-21h2-x64
7MailRanger.pyc
windows10-2004-x64
3MailRanger.pyc
windows11-21h2-x64
3MailRanger...te.exe
windows10-2004-x64
10MailRanger...te.exe
windows11-21h2-x64
10MailRanger...r2.ini
windows10-2004-x64
1MailRanger...r2.ini
windows11-21h2-x64
3MailRanger...!!.txt
windows10-2004-x64
1MailRanger...!!.txt
windows11-21h2-x64
3MailRanger/ServerList
windows10-2004-x64
1MailRanger/ServerList
windows11-21h2-x64
1MailRanger..._1.mp4
windows10-2004-x64
6MailRanger..._1.mp4
windows11-21h2-x64
6MailRanger...es.txt
windows10-2004-x64
1MailRanger...es.txt
windows11-21h2-x64
3Analysis
-
max time kernel
140s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
13-08-2024 21:06
Behavioral task
behavioral1
Sample
MailRanger/237K HQ Skull.XYZ.txt
Resource
win10v2004-20240802-en
Behavioral task
behavioral2
Sample
MailRanger/237K HQ Skull.XYZ.txt
Resource
win11-20240802-en
Behavioral task
behavioral3
Sample
MailRanger/MailRanger.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral4
Sample
MailRanger/MailRanger.exe
Resource
win11-20240802-en
Behavioral task
behavioral5
Sample
MailRanger.pyc
Resource
win10v2004-20240802-en
Behavioral task
behavioral6
Sample
MailRanger.pyc
Resource
win11-20240802-en
Behavioral task
behavioral7
Sample
MailRanger/MailUpdate.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral8
Sample
MailRanger/MailUpdate.exe
Resource
win11-20240802-en
Behavioral task
behavioral9
Sample
MailRanger/Mailranger2.ini
Resource
win10v2004-20240802-en
Behavioral task
behavioral10
Sample
MailRanger/Mailranger2.ini
Resource
win11-20240802-en
Behavioral task
behavioral11
Sample
MailRanger/Przeczytaj!!!!.txt
Resource
win10v2004-20240802-en
Behavioral task
behavioral12
Sample
MailRanger/Przeczytaj!!!!.txt
Resource
win11-20240802-en
Behavioral task
behavioral13
Sample
MailRanger/ServerList
Resource
win10v2004-20240802-en
Behavioral task
behavioral14
Sample
MailRanger/ServerList
Resource
win11-20240802-en
Behavioral task
behavioral15
Sample
MailRanger/how to mail_1.mp4
Resource
win10v2004-20240802-en
Behavioral task
behavioral16
Sample
MailRanger/how to mail_1.mp4
Resource
win11-20240802-en
Behavioral task
behavioral17
Sample
MailRanger/socks4_proxies.txt
Resource
win10v2004-20240802-en
Behavioral task
behavioral18
Sample
MailRanger/socks4_proxies.txt
Resource
win11-20240802-en
General
-
Target
MailRanger/socks4_proxies.txt
-
Size
15KB
-
MD5
6e00109cfc1675d5de825f1b57f8f8ef
-
SHA1
d23c23d948f47d69fb298200bfcf6c8849d37488
-
SHA256
a003ef5204817b8c9249cdaa949aa87bdc55315afba57ec098cdee8c9870040d
-
SHA512
822de0e7281e4734a5297abb9eff77ef76e6e18cc93fb3edf556c9231b5608acbae20e44760dcaefb549944d13b62a446059f889e54de7fbc0428677d1be14aa
-
SSDEEP
192:cP3YMK5j88KaB+ZeQV7QA7mmrF0xpV96/Q56iDVx4y6siQJnTt0Oh8WCedl8QMH0:cPETy6D5pZzbxqr4
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 4180 NOTEPAD.EXE