Analysis

  • max time kernel
    140s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-08-2024 21:06

General

  • Target

    MailRanger/socks4_proxies.txt

  • Size

    15KB

  • MD5

    6e00109cfc1675d5de825f1b57f8f8ef

  • SHA1

    d23c23d948f47d69fb298200bfcf6c8849d37488

  • SHA256

    a003ef5204817b8c9249cdaa949aa87bdc55315afba57ec098cdee8c9870040d

  • SHA512

    822de0e7281e4734a5297abb9eff77ef76e6e18cc93fb3edf556c9231b5608acbae20e44760dcaefb549944d13b62a446059f889e54de7fbc0428677d1be14aa

  • SSDEEP

    192:cP3YMK5j88KaB+ZeQV7QA7mmrF0xpV96/Q56iDVx4y6siQJnTt0Oh8WCedl8QMH0:cPETy6D5pZzbxqr4

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\MailRanger\socks4_proxies.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:4180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads