Overview

overview

9

Static

static

3

Game beta 1.0.0.zip

windows7-x64

1

Game beta 1.0.0.zip

windows10-2004-x64

1

CannonLake...em.inf

windows7-x64

1

CannonLake...em.inf

windows10-2004-x64

1

CannonLake...SS.inf

windows7-x64

1

CannonLake...SS.inf

windows10-2004-x64

1

Setup #1.exe

windows7-x64

9

Setup #1.exe

windows10-2004-x64

8

e1r68x64.sys

windows10-2004-x64

1

setup #2.exe

windows7-x64

8

setup #2.exe

windows10-2004-x64

8

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

Client.exe

windows7-x64

3

Client.exe

windows10-2004-x64

3

parameters.ini

windows7-x64

1

parameters.ini

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-08-2024 10:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    parameters.ini

  • Size

    178B

  • MD5

    7e536b53ae4a6bc175c3405e7340430b

  • SHA1

    382165bdb8f86cca31975251b95f055801a6eef2

  • SHA256

    4c9247b6803dcf1c8f1b0af41388e4777896793eee21f7d5f3d0e1921f66ade1

  • SHA512

    fbe0b17a0691f7de618b8b883ab67642330d31f0eaedbf1e8a47010a110dbcc3909ea8b9e808c6f2e96ec957081f5183ed9fc9f5c18fee7c1df3f66579275b1c

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\parameters.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:4400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads