Overview

overview

9

Static

static

7

unl.rar

windows7-x64

3

unl.rar

windows10-2004-x64

3

unl/Spotify.cfg

windows7-x64

3

unl/Spotify.cfg

windows10-2004-x64

3

unl/blobs/a.ini

windows7-x64

1

unl/blobs/a.ini

windows10-2004-x64

1

unl/blobs/b.ini

windows7-x64

1

unl/blobs/b.ini

windows10-2004-x64

1

unl/unl_cracked.exe

windows7-x64

9

unl/unl_cracked.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    121s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    14-08-2024 01:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    unl/blobs/a.ini

  • Size

    140B

  • MD5

    f2c2615412f9de59726c794f8c0de4cd

  • SHA1

    4b598a54a07f74e13f0e5c4cbe9a776f67a6e530

  • SHA256

    7a7cf6e122964410f27a012803588001c1febb79b2f435f7f545a77f32928843

  • SHA512

    a6d12943b9574e218ec3ef6a016b1bf396d05601cf12accf11636eb6e9458ae3601a0fcb1ddac641f009f2bd918bb6533589aa82cf13496335de002aee8341bc

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\unl\blobs\a.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads