Overview

overview

10

Static

static

10

XWorm-v5.6...ed.zip

windows7-x64

1

XWorm-v5.6...ed.zip

windows10-2004-x64

1

CefSharp.exe

windows7-x64

7

CefSharp.exe

windows10-2004-x64

7

FastColore...ox.dll

windows7-x64

1

FastColore...ox.dll

windows10-2004-x64

1

Fixer.bat

windows7-x64

1

Fixer.bat

windows10-2004-x64

1

GMap.NET.Core.dll

windows7-x64

1

GMap.NET.Core.dll

windows10-2004-x64

1

GMap.NET.W...ms.dll

windows7-x64

1

GMap.NET.W...ms.dll

windows10-2004-x64

1

GeoIP.dat

windows7-x64

3

GeoIP.dat

windows10-2004-x64

3

Guna.UI2.dll

windows7-x64

1

Guna.UI2.dll

windows10-2004-x64

1

IconExtractor.dll

windows7-x64

1

IconExtractor.dll

windows10-2004-x64

1

Logs\ErrorLogs.txt

windows7-x64

1

Logs\ErrorLogs.txt

windows10-2004-x64

1

NAudio.dll

windows7-x64

1

NAudio.dll

windows10-2004-x64

1

Newtonsoft.Json.dll

windows7-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

Plugins\Ac...ws.dll

windows7-x64

1

Plugins\Ac...ws.dll

windows10-2004-x64

1

Plugins\Chat.dll

windows7-x64

1

Plugins\Chat.dll

windows10-2004-x64

1

Plugins\Chromium.dll

windows7-x64

1

Plugins\Chromium.dll

windows10-2004-x64

1

Plugins\Clipboard.dll

windows7-x64

1

Plugins\Clipboard.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    94s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-11-2024 03:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Logs\ErrorLogs.txt

  • Size

    224B

  • MD5

    f77f4fb386c891a5640cf26473cebea4

  • SHA1

    db2fc673ed4b895561caf8670d1e40204a3d6fa6

  • SHA256

    633eef2d5302c0c224cd71aeb7d29901564f30e5a9b3d31cc0a55c1c6eeb3d5c

  • SHA512

    47fe461ccb295c95d951c0499d943febdc7b9b41923bd03b9b0876e52abc220cde47dd4a3ff13e98f991636fc21b6ef5297b679dde8dcd38b51cd0648eea38f9

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\Logs\ErrorLogs.txt
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:3268

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads