03d60f06db313f892881188829f27c813efe8a4e987af1f483a4bbbcd78159db

Submit
Reports

Overview

overview

Static

static

Portable_x32_x64.zip

windows7-x64

Portable_x32_x64.zip

windows10-2004-x64

Portable_x...e.pimx

windows7-x64

Portable_x...e.pimx

windows10-2004-x64

Portable_x...in.ini

windows7-x64

Portable_x...in.ini

windows10-2004-x64

Portable_x...in.xml

windows7-x64

Portable_x...in.xml

windows10-2004-x64

Portable_x...ce.dll

windows7-x64

Portable_x...ce.dll

windows10-2004-x64

Portable_x...ls.xml

windows7-x64

Portable_x...ls.xml

windows10-2004-x64

Portable_x...up.exe

windows7-x64

Portable_x...up.exe

windows10-2004-x64

Portable_x...40.dll

windows7-x64

Portable_x...40.dll

windows10-2004-x64

Portable_x...ju.wsf

windows7-x64

Portable_x...ju.wsf

windows10-2004-x64

Portable_x...ed.xml

windows7-x64

Portable_x...ed.xml

windows10-2004-x64

Portable_x...to.xml

windows7-x64

Portable_x...to.xml

windows10-2004-x64

Portable_x...ng.xml

windows7-x64

Portable_x...ng.xml

windows10-2004-x64

Portable_x...ae.xml

windows7-x64

Portable_x...ae.xml

windows10-2004-x64

Portable_x...re.xml

windows7-x64

Portable_x...re.xml

windows10-2004-x64

Portable_x...rs.xml

windows7-x64

Portable_x...rs.xml

windows10-2004-x64

Portable_x...go.xml

windows7-x64

Portable_x...go.xml

windows10-2004-x64

Analysis

max time kernel
419s
max time network
421s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
22-08-2024 12:15

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Portable_x32_x64.zip

Resource

win7-20240704-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral2

Sample

Portable_x32_x64.zip

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral3

Sample

Portable_x32_x64/Data/Language.pimx

Resource

win7-20240704-en

discovery

windows7-x64

6 signatures

600 seconds

Behavioral task

behavioral4

Sample

Portable_x32_x64/Data/Language.pimx

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

600 seconds

Behavioral task

behavioral5

Sample

Portable_x32_x64/Data/Main.ini

Resource

win7-20240705-en

windows7-x64

1 signatures

600 seconds

Behavioral task

behavioral6

Sample

Portable_x32_x64/Data/Main.ini

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

600 seconds

Behavioral task

behavioral7

Sample

Portable_x32_x64/Data/Packaged/Main.xml

Resource

win7-20240708-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral8

Sample

Portable_x32_x64/Data/Packaged/Main.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral9

Sample

Portable_x32_x64/Data/Packaged/Resource.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral10

Sample

Portable_x32_x64/Data/Packaged/Resource.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral11

Sample

Portable_x32_x64/Data/Packaged/Utils.xml

Resource

win7-20240729-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral12

Sample

Portable_x32_x64/Data/Packaged/Utils.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral13

Sample

Portable_x32_x64/Setup.exe

Resource

win7-20240708-en

discovery

windows7-x64

1 signatures

600 seconds

Behavioral task

behavioral14

Sample

Portable_x32_x64/Setup.exe

Resource

win10v2004-20240802-en

rhadamanthys discovery stealer

windows10-2004-x64

8 signatures

600 seconds

Behavioral task

behavioral15

Sample

Portable_x32_x64/msvcp140.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral16

Sample

Portable_x32_x64/msvcp140.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral17

Sample

Portable_x32_x64/res/cravats/broachOneill/badju.wsf

Resource

win7-20240704-en

windows7-x64

0 signatures

600 seconds

Behavioral task

behavioral18

Sample

Portable_x32_x64/res/cravats/broachOneill/badju.wsf

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral19

Sample

Portable_x32_x64/res/cravats/broachOneill/bestinkSonarsBuzzed.xml

Resource

win7-20240705-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral20

Sample

Portable_x32_x64/res/cravats/broachOneill/bestinkSonarsBuzzed.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral21

Sample

Portable_x32_x64/res/cravats/broachOneill/busto.xml

Resource

win7-20240704-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral22

Sample

Portable_x32_x64/res/cravats/broachOneill/busto.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral23

Sample

Portable_x32_x64/res/cravats/broachOneill/gabblerTinderyBeaming.xml

Resource

win7-20240704-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral24

Sample

Portable_x32_x64/res/cravats/broachOneill/gabblerTinderyBeaming.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral25

Sample

Portable_x32_x64/res/cravats/broachOneill/hebrewsNae.xml

Resource

win7-20240704-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral26

Sample

Portable_x32_x64/res/cravats/broachOneill/hebrewsNae.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral27

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/baluchKenlore.xml

Resource

win7-20240708-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral28

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/baluchKenlore.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral29

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/ecuadorCapers.xml

Resource

win7-20240708-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral30

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/ecuadorCapers.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Behavioral task

behavioral31

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/fungo.xml

Resource

win7-20240704-en

discovery

windows7-x64

5 signatures

600 seconds

Behavioral task

behavioral32

Sample

Portable_x32_x64/res/cravats/broachOneill/shaleDashikiBajoire/fungo.xml

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

600 seconds

Report Analysis Logs

General

Target

Portable_x32_x64/Data/Main.ini
Size

24KB
MD5

5bf4353d089309e57865ba86d4199004
SHA1

e2871968fc1aa99c821209f817a94b05b7b7a7f3
SHA256

96088d93be0c39001e87b5647bc8ffdef684a90fa02f0f91d430248f7c3415e2
SHA512

c8489b85c75cacc54535538736d75ab2a2fd60d29b764906fe7acbc26d9887515f5c316b9e2543b9511ffc348fcd88f5e01e4f1baaf9c5ecfb8a95061e12c4ed
SSDEEP

384:az91NaxrAlW10wt+CJgSz8/YK3uOvxtNhymeIbi2OrFc:az91NaxOCJgkRK3zvxtNN

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

Processes:

NOTEPAD.EXE

pid	Process
4652	NOTEPAD.EXE

Processes

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Portable_x32_x64\Data\Main.ini
1⤵
- Opens file in notepad (likely ransom note)
PID:4652

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads