Overview

overview

7

Static

static

7

Temp Spoofer.zip

windows7-x64

1

Temp Spoofer.zip

windows10-2004-x64

1

Temp Spoof...er.bat

windows7-x64

1

Temp Spoof...er.bat

windows10-2004-x64

1

Temp Spoof...on.pdf

windows7-x64

3

Temp Spoof...on.pdf

windows10-2004-x64

3

Temp Spoof...ent.7z

windows7-x64

3

Temp Spoof...ent.7z

windows10-2004-x64

3

client.exe

windows7-x64

1

client.exe

windows10-2004-x64

1

Temp Spoof...ol.rar

windows7-x64

3

Temp Spoof...ol.rar

windows10-2004-x64

3

dControl/dControl.exe

windows7-x64

7

dControl/dControl.exe

windows10-2004-x64

7

out.exe

windows7-x64

out.exe

windows10-2004-x64

dControl/dControl.ini

windows7-x64

1

dControl/dControl.ini

windows10-2004-x64

1

Analysis

  • max time kernel
    21s
  • max time network
    27s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-09-2024 09:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dControl/dControl.ini

  • Size

    84KB

  • MD5

    9d7877fb1a8598fbbd0fbcff03f728ab

  • SHA1

    7648cb7af5d28b5195c6e3400a5954a86204d00a

  • SHA256

    a8924e978cf203578cbd497adf6e3dce8dcd573a6e962c711bce8d7db9d9214e

  • SHA512

    6e1d762cc51d5dac0a22c1e84ba861c221034ea5b72fbf0dc41334f7134f300cf9f29a6713445fd7853413f2a8235232e2f18cabcb90b4abdbf14951e027fc46

  • SSDEEP

    768:i/G+NmPssxaxdk2aqexodULxEQq1wIgC+AEbSr6:1+NFsxkKdqJdULgbWSO

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\dControl\dControl.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:1252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads