88cb7c954db8b07a3c50405f106a13327811a476b8640b8c04a2b2952fcee84d | Triage

Resubmissions

07-10-2024 17:00

241007-vjaydszgnk 10

07-10-2024 16:55

241007-vfa4zsthjf 1

07-10-2024 16:31

241007-t1gxlatfrf 1

07-10-2024 16:22

241007-tvn4qazeqr 10

Analysis

max time kernel
96s
max time network
205s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
07-10-2024 16:55

Sharing

Report Analysis Logs

General

Target

rhada_pwsh.txt
Size

472KB
MD5

499f45aaf086179501deec2015d2f13c
SHA1

a8f8fd84721a4ed88f70c3680970a99c53c5eddc
SHA256

88cb7c954db8b07a3c50405f106a13327811a476b8640b8c04a2b2952fcee84d
SHA512

b8866b50a53e6983c79806b5a3c8e114654b7511ddafdf1eac582ae86695a2fbcb9fa1f5500b8e6cb98cd898a469daf14586a9fc76075865d9d3477c9791158c
SSDEEP

12288:1CQgw6wrf68klS1+t/WPwqwp1pQbQFtw1nT3DCOLZLtomL:1C/w6we8qY3wTpQmtEnT3DVjZ

Score

1^/10

Malware Config

Signatures

Opens file in notepad (likely ransom note) 1 IoCs

pid	Process
4408	NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\rhada_pwsh.txt
1⤵
- Opens file in notepad (likely ransom note)
PID:4408

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads