11438a5e03ababdc7aa308a1c82fb1685c58bb0d4b0a7e3b0a2af7a3c28b62f4

Analysis

max time kernel
394s
max time network
1591s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
24-08-2024 22:47

Target

gasai/misc/selfbot_detection_log.txt
Size

14KB
MD5

6d4e73e064153091f7aca8b8bc247e92
SHA1

036628462020c8cfe89c23d505bb2de18c545766
SHA256

b812ffa33014e48d744b6bbd4d47fb6b924548d570062413519c1aadfd7ddc65
SHA512

aa6bad75320e5d13a5f0432d3d9d1539193ab81f25397baf5f3144136f115de4aae65e8a63b24003c7e0c7b1b7d9794d08c6a9f8909401aa6df69e19002adf22
SSDEEP

384:ZsBtMRdmtMRdwtMRdKtMRdmtMRdmtMRd7tMRdmtMRdmtMRdmtMRdmtMRdmtMRdlH:ut2mt2wt2Kt2mt2mt27t2mt2mt2mt2m6

Score

1^/10

Opens file in notepad (likely ransom note) 1 IoCs

pid	Process
3616	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\gasai\misc\selfbot_detection_log.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:3616