Overview

overview

1

Static

static

1

NSM.ini

windows10-ltsc 2021-x64

1

cAlient32.ini

windows10-ltsc 2021-x64

1

nskbfltr.inf

windows10-ltsc 2021-x64

1

nsm_vpro.ini

windows10-ltsc 2021-x64

1

Resubmissions

04-12-2024 04:28

241204-e3ta3sxlep 1

04-12-2024 03:02

241204-djgmhatpdm 1

04-12-2024 02:46

241204-c9ep6axpg1 10

Analysis

  • max time kernel
    99s
  • max time network
    137s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20241023-en
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20241023-enlocale:en-usos:windows10-ltsc 2021-x64system
  • submitted
    04-12-2024 04:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NSM.ini

  • Size

    6KB

  • MD5

    88b1dab8f4fd1ae879685995c90bd902

  • SHA1

    3d23fb4036dc17fa4bee27e3e2a56ff49beed59d

  • SHA256

    60fe386112ad51f40a1ee9e1b15eca802ced174d7055341c491dee06780b3f92

  • SHA512

    4ea2c20991189fe1d6d5c700603c038406303cca594577ddcbc16ab9a7915cb4d4aa9e53093747db164f068a7ba0f568424bc8cb7682f1a3fb17e4c9ec01f047

  • SSDEEP

    96:B6pfGAtXOdwpEKyhuSY92fihuUhENXh8o3IFhucOi49VLO9kNVnkOeafhuK7cwo4:BnwpwYFuy6/njroYbe3j1vlS

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\NSM.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:4492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads