Overview
overview
7Static
static
3Release.zip
windows7-x64
1Release.zip
windows10-2004-x64
7Setup.txt
windows7-x64
1Setup.txt
windows10-2004-x64
1emu/878321.exe
windows7-x64
1emu/878321.exe
windows10-2004-x64
1emu/KeyAut...or.exe
windows7-x64
1emu/KeyAut...or.exe
windows10-2004-x64
1emu/KeyAut...or.exe
windows7-x64
1emu/KeyAut...or.exe
windows10-2004-x64
1index.html
windows7-x64
3index.html
windows10-2004-x64
3loader3.exe
windows7-x64
1loader3.exe
windows10-2004-x64
1Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
09/11/2024, 21:38
Static task
static1
Behavioral task
behavioral1
Sample
Release.zip
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Release.zip
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
Setup.txt
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
Setup.txt
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
emu/878321.exe
Resource
win7-20241010-en
Behavioral task
behavioral6
Sample
emu/878321.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
emu/KeyAuthEmulator.exe
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
emu/KeyAuthEmulator.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
emu/KeyAuthEmulator.exe
Resource
win7-20240729-en
Behavioral task
behavioral10
Sample
emu/KeyAuthEmulator.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
index.html
Resource
win7-20241010-en
Behavioral task
behavioral12
Sample
index.html
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
loader3.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
loader3.exe
Resource
win10v2004-20241007-en
General
-
Target
Setup.txt
-
Size
485B
-
MD5
a2f3faaed93c4e418ee084b928255cf1
-
SHA1
329f913ad51cc0a1bb76c2746ff9b7b6ea0857e7
-
SHA256
4f5e2e2d15b6e2f2e05b28cb8a0c9565acee9be4105b86dcf61068f388dbf225
-
SHA512
79a69bff7d8c526cc3ec35a8d55c063d3252d1b738ee497f9203c514d74d29a14effc2f6a25e889c5cef107d08e12f0576dbd011393481b18bf9ebbc2d0b09d4
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 2504 NOTEPAD.EXE