Overview
overview
8Static
static
3Clumsy0.4v...v3.exe
windows7-x64
7Clumsy0.4v...v3.exe
windows10-2004-x64
8܅�� zF.pyc
windows7-x64
܅�� zF.pyc
windows10-2004-x64
Clumsy0.4v....4.txt
windows7-x64
1Clumsy0.4v....4.txt
windows10-2004-x64
1Clumsy0.4v...rt.dll
windows7-x64
1Clumsy0.4v...rt.dll
windows10-2004-x64
1Clumsy0.4v...64.sys
windows7-x64
1Clumsy0.4v...64.sys
windows10-2004-x64
1Clumsy0.4v...ig.txt
windows7-x64
1Clumsy0.4v...ig.txt
windows10-2004-x64
1Analysis
-
max time kernel
1563s -
max time network
1565s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system -
submitted
15/10/2024, 22:08
Static task
static1
Behavioral task
behavioral1
Sample
Clumsy0.4v3/Clumsy0.4v3.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
Clumsy0.4v3/Clumsy0.4v3.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
܅�� zF.pyc
Resource
win7-20240708-en
Behavioral task
behavioral4
Sample
܅�� zF.pyc
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
Clumsy0.4v3/READ ABOUT UPGRADES FOR 0.4.txt
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Clumsy0.4v3/READ ABOUT UPGRADES FOR 0.4.txt
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
Clumsy0.4v3/WinDivert.dll
Resource
win7-20240708-en
Behavioral task
behavioral8
Sample
Clumsy0.4v3/WinDivert.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Clumsy0.4v3/WinDivert64.sys
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Clumsy0.4v3/WinDivert64.sys
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
Clumsy0.4v3/config.txt
Resource
win7-20241010-en
Behavioral task
behavioral12
Sample
Clumsy0.4v3/config.txt
Resource
win10v2004-20241007-en
General
-
Target
Clumsy0.4v3/config.txt
-
Size
494B
-
MD5
96e1f04ec8c447bc7fa7076556b816b6
-
SHA1
56393dfb14a5bd5ecd33a1b8c7e5b150b068a7ff
-
SHA256
68d9f0a48c33b279478c168578e1d5ff9ff5331be68d686a23c22f36de2a4463
-
SHA512
12e26a747363cb636066ae3a8e391e7d22d2ae6d35064501bdeee01ae65b96d3cb6187578c6537fb4eef8e556524880a48b1556f73c8ff674e69ad33fe0ce5c5
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 1944 NOTEPAD.EXE