Overview

overview

10

Static

static

10

release 2.21v.rar

windows7-x64

3

release 2.21v.rar

windows10-2004-x64

3

RUES.EXTv2.13v.exe

windows7-x64

7

RUES.EXTv2.13v.exe

windows10-2004-x64

9

discord_to...er.pyc

windows7-x64

3

discord_to...er.pyc

windows10-2004-x64

3

get_cookies.pyc

windows7-x64

3

get_cookies.pyc

windows10-2004-x64

3

misc.pyc

windows7-x64

3

misc.pyc

windows10-2004-x64

3

passwords_grabber.pyc

windows7-x64

3

passwords_grabber.pyc

windows10-2004-x64

3

source_prepared.pyc

windows7-x64

3

source_prepared.pyc

windows10-2004-x64

3

_license.dat

windows7-x64

3

_license.dat

windows10-2004-x64

3

imgui.ini

windows7-x64

1

imgui.ini

windows10-2004-x64

1

readme.txt

windows7-x64

1

readme.txt

windows10-2004-x64

1

version.dat

windows7-x64

3

version.dat

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    29/08/2024, 17:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    readme.txt

  • Size

    524B

  • MD5

    6aa07026fd740c5d0d015bb7c8ba6579

  • SHA1

    18d378322001d2d5bbb460e89821a09d9e8380fc

  • SHA256

    5d345d8f7e0b81d45aefe56be81a3e44991e427a61078cccfa7d86814d6aae09

  • SHA512

    01a1fb429b7a8222450fbd73cd9024daba332ea9e8c2dbfbd83d5a971b8b108c4b41fde68df302a97a33e7da2e6cbf5bec488ab2a779ad81e204bacd70af4b93

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\readme.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads