Overview

overview

3

Static

static

3

Redware.zip

windows10-2004-x64

1

Redware/cC...Pc.exe

windows10-2004-x64

1

Redware/dpp.dll

windows10-2004-x64

1

Redware/imgui.ini

windows10-2004-x64

1

Redware/in...ns.txt

windows10-2004-x64

1

Redware/li...64.dll

windows10-2004-x64

1

Redware/libsodium.dll

windows10-2004-x64

1

Redware/li...64.dll

windows10-2004-x64

1

Redware/opus.dll

windows10-2004-x64

1

Redware/zlib1.dll

windows10-2004-x64

1

Resubmissions

06/09/2024, 23:27

240906-3fkmestckd 3

06/09/2024, 23:26

240906-3ewy3ashpq 3

Analysis

  • max time kernel
    133s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/09/2024, 23:26

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Redware/imgui.ini

  • Size

    97B

  • MD5

    f4f0306df11ba2fcc9babd6760ddd976

  • SHA1

    f6ec3545978f2c7434c888f27b73cf9de8cb6e2d

  • SHA256

    b5b239759bff6bfcbae970d2b5ccc2d88a0e9b42f8ececeb9ec9c4a6f2ac75f4

  • SHA512

    80d54c1e2b949c575f0f418bcc20808b62cff38d95ef28d0862ef6e25c45ba455f72a4da30c3e00aa9b3bffb369b393ddc08c0e75fdff692aa2df3e589290e80

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Redware\imgui.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:3348

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads