Overview

overview

10

Static

static

5

30102024.rar

windows7-x64

1

30102024.rar

windows10-2004-x64

1

30102024/D...gs.vbs

windows7-x64

3

30102024/D...gs.vbs

windows10-2004-x64

1

30102024/ReadMe.txt

windows7-x64

1

30102024/ReadMe.txt

windows10-2004-x64

1

30102024/dControl.exe

windows7-x64

10

30102024/dControl.exe

windows10-2004-x64

5

out.exe

windows7-x64

out.exe

windows10-2004-x64

30102024/dControl.ini

windows7-x64

1

30102024/dControl.ini

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    19-12-2024 23:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    30102024/dControl.ini

  • Size

    86KB

  • MD5

    f562c447812aea71ea3caa93b7252fff

  • SHA1

    3e67cee59da2c2a6e667c04741b6ec93dcb99f8c

  • SHA256

    951f17bb65a39011eced7274da19940c9ddf062a7f6cb4951d4982c9c1efb310

  • SHA512

    52fab124af1d7ac2fabbe4294593abcc7479bbf680e2fd7360c8b69a25681b015de71d5ec5297bfd429c74761cc87a581ab9ba6d19a45e4a76b921f2c3f88d3f

  • SSDEEP

    768:i/oizrPfjsxaxdk2akexodULxEQq1wIgC+AEbSr6:fiz7jsxkKdkJdULgbWSO

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\30102024\dControl.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2332

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads