Overview

overview

3

Static

static

3

Surs.zip

windows11-21h2-x64

1

.gitattributes

windows11-21h2-x64

3

.gradle/7....s.lock

windows11-21h2-x64

3

.gradle/7....ry.bin

windows11-21h2-x64

3

.gradle/7....y.lock

windows11-21h2-x64

3

.gradle/7....ld.bin

windows11-21h2-x64

3

.gradle/7....es.bin

windows11-21h2-x64

3

.gradle/7....s.lock

windows11-21h2-x64

3

.gradle/bu...p.lock

windows11-21h2-x64

3

.gradle/bu...erties

windows11-21h2-x64

3

.gradle/bu...es.bin

windows11-21h2-x64

3

.gradle/ch...s.lock

windows11-21h2-x64

3

.gradle/ch...ms.bin

windows11-21h2-x64

3

.gradle/ch...ms.bin

windows11-21h2-x64

3

.idea/.gitignore

windows11-21h2-x64

3

.idea/Spac...on.xml

windows11-21h2-x64

1

.idea/compiler.xml

windows11-21h2-x64

1

.idea/gradle.vbs

windows11-21h2-x64

1

.idea/jarR...es.xml

windows11-21h2-x64

1

.idea/misc.xml

windows11-21h2-x64

1

.idea/runC...nt.xml

windows11-21h2-x64

1

.idea/runC...er.xml

windows11-21h2-x64

1

.idea/uiDesigner.xml

windows11-21h2-x64

1

.idea/workspace.xml

windows11-21h2-x64

1

build.gradle

windows11-21h2-x64

3

build/_app...og.txt

windows11-21h2-x64

3

build/nati...32.dll

windows11-21h2-x64

3

build/nati...64.dll

windows11-21h2-x64

1

build/reso....dylib

windows11-21h2-x64

3

build/reso...rpc.so

windows11-21h2-x64

3

build/reso...pc.dll

windows11-21h2-x64

1

build/reso...pc.dll

windows11-21h2-x64

3

Analysis

  • max time kernel
    90s
  • max time network
    95s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    21-11-2024 16:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    build/_applyBinpatches_2/log.txt

  • Size

    198KB

  • MD5

    add528757f428f7af09745e45368d38e

  • SHA1

    dc219b5490658dcc68e02176392f7cbbb9c3884e

  • SHA256

    8455f3afe624d01ce5e77e847e06b3e40ffbe7d27d378aa7fac1f45cfb9d079d

  • SHA512

    acfe62bd436bd1f762245cbb25f2323f73322d21b9bf4e0d8c6619fe461e172dcbabf93f9905ffeba4d4dac075a876c06f9b31956482cf55385356d5c63175d1

  • SSDEEP

    768:YygShkCZqRiT9OqmzjXhK3oDwgZ6FuubqcYE7sk6rVZYcM3yOCiA9ZGbiijIh0Bw:/kWQo3PfuZNamHUGEfLE8C/Utzs

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\build\_applyBinpatches_2\log.txt
    1⤵
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:5060
    • C:\Windows\system32\NOTEPAD.EXE
      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\build\_applyBinpatches_2\log.txt
      2⤵
      • Opens file in notepad (likely ransom note)
      PID:336

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads