Overview

overview

10

Static

static

10

AutoDiscorder.zip

windows7-x64

7

AutoDiscorder.zip

windows10-2004-x64

1

AutoDiscorder.exe

windows7-x64

7

AutoDiscorder.exe

windows10-2004-x64

9

discord_to...er.pyc

windows7-x64

3

discord_to...er.pyc

windows10-2004-x64

3

get_cookies.pyc

windows7-x64

3

get_cookies.pyc

windows10-2004-x64

3

misc.pyc

windows7-x64

3

misc.pyc

windows10-2004-x64

3

passwords_grabber.pyc

windows7-x64

3

passwords_grabber.pyc

windows10-2004-x64

3

source_prepared.pyc

windows7-x64

3

source_prepared.pyc

windows10-2004-x64

3

PW IS 123.txt

windows7-x64

1

PW IS 123.txt

windows10-2004-x64

1

Readme.txt

windows7-x64

1

Readme.txt

windows10-2004-x64

1

Troubleshooting.txt

windows7-x64

1

Troubleshooting.txt

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    28-10-2024 19:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Troubleshooting.txt

  • Size

    266B

  • MD5

    6e68bf02924bf8c4b4cbc3e539c9fa67

  • SHA1

    18c1e54312ed2e2709ff75f6f29263be20f10603

  • SHA256

    b4e4f308eed406ac5c634d0a80f3d2ec2525352bf7370880c702cb7d6ada64df

  • SHA512

    2f85885ad8a899eb790f0658fbec5274cc2b9af4582fbe0427618183c50c47e421e1c148ffe79be1e3752399026187118090ce08d20a7c4fa30dd3c73e1596c7

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Troubleshooting.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads