Overview
overview
10Static
static
3Quote-SA05...df.exe
windows7-x64
10Quote-SA05...df.exe
windows10-2004-x64
10$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3Aborning/O...23.ini
windows7-x64
1Aborning/O...23.ini
windows10-2004-x64
1Aborning/P...93.jpg
windows7-x64
3Aborning/P...93.jpg
windows10-2004-x64
4Aborning/R...es.txt
windows7-x64
1Aborning/R...es.txt
windows10-2004-x64
1Aborning/R...es.dru
windows7-x64
3Aborning/R...es.dru
windows10-2004-x64
3Aborning/R...ns.ind
windows7-x64
3Aborning/R...ns.ind
windows10-2004-x64
3Aborning/R...ds.txt
windows7-x64
1Aborning/R...ds.txt
windows10-2004-x64
1Aborning/R...et.jpg
windows7-x64
3Aborning/R...et.jpg
windows10-2004-x64
4Aborning/R...ic.txt
windows7-x64
1Aborning/R...ic.txt
windows10-2004-x64
1Aborning/R...te.cal
windows7-x64
3Aborning/R...te.cal
windows10-2004-x64
3Aborning/R...ie.ini
windows7-x64
1Aborning/R...ie.ini
windows10-2004-x64
1Aborning/V...88.txt
windows7-x64
1Aborning/V...88.txt
windows10-2004-x64
1Aborning/enrapts.txt
windows7-x64
1Aborning/enrapts.txt
windows10-2004-x64
1Aborning/f...es.sej
windows7-x64
3Aborning/f...es.sej
windows10-2004-x64
3Anisbolsjet166.ini
windows7-x64
1Anisbolsjet166.ini
windows10-2004-x64
1Analysis
-
max time kernel
93s -
max time network
95s -
platform
windows10-2004_x64 -
resource
win10v2004-20250217-en -
resource tags
arch:x64arch:x86image:win10v2004-20250217-enlocale:en-usos:windows10-2004-x64system -
submitted
24/02/2025, 10:48
Static task
static1
Behavioral task
behavioral1
Sample
Quote-SA05537809567875351061-24_pdf.exe
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral2
Sample
Quote-SA05537809567875351061-24_pdf.exe
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
Aborning/Opsendelsens23.ini
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral6
Sample
Aborning/Opsendelsens23.ini
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
Aborning/Porriwiggle193.jpg
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral8
Sample
Aborning/Porriwiggle193.jpg
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
Aborning/Ramesside/Retransmute/swamies.txt
Resource
win7-20241010-en
windows7-x64
Behavioral task
behavioral10
Sample
Aborning/Ramesside/Retransmute/swamies.txt
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Aborning/Ramesside/Retransmute/tonsenes.dru
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral12
Sample
Aborning/Ramesside/Retransmute/tonsenes.dru
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Aborning/Ramesside/hundesldens.ind
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral14
Sample
Aborning/Ramesside/hundesldens.ind
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Aborning/Ramesside/myriapods.txt
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral16
Sample
Aborning/Ramesside/myriapods.txt
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Aborning/Ramesside/romanidealet.jpg
Resource
win7-20241023-en
windows7-x64
Behavioral task
behavioral18
Sample
Aborning/Ramesside/romanidealet.jpg
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
Aborning/Ramesside/spermatozoic.txt
Resource
win7-20241010-en
windows7-x64
Behavioral task
behavioral20
Sample
Aborning/Ramesside/spermatozoic.txt
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Aborning/Ramesside/springsttte.cal
Resource
win7-20241010-en
windows7-x64
Behavioral task
behavioral22
Sample
Aborning/Ramesside/springsttte.cal
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
Aborning/Ramesside/sumlinie.ini
Resource
win7-20240729-en
windows7-x64
Behavioral task
behavioral24
Sample
Aborning/Ramesside/sumlinie.ini
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Aborning/Viljefastheden188.txt
Resource
win7-20250207-en
windows7-x64
Behavioral task
behavioral26
Sample
Aborning/Viljefastheden188.txt
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
Aborning/enrapts.txt
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral28
Sample
Aborning/enrapts.txt
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
Aborning/fiskefrikadellernes.sej
Resource
win7-20241023-en
windows7-x64
Behavioral task
behavioral30
Sample
Aborning/fiskefrikadellernes.sej
Resource
win10v2004-20250217-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
Anisbolsjet166.ini
Resource
win7-20240903-en
windows7-x64
Behavioral task
behavioral32
Sample
Anisbolsjet166.ini
Resource
win10v2004-20250217-en
windows10-2004-x64
General
-
Target
Aborning/Ramesside/spermatozoic.txt
-
Size
684B
-
MD5
393ccd8a7597bfb1f852db765b7b89b6
-
SHA1
28516cad3aa62c93a9e19735285ddd5d1f5f595c
-
SHA256
2f63821cde8a017757afb0f95570908690e3fa98a57aa6d442c1cae4e6bf8920
-
SHA512
0363fdb11d48e34bfdea41c2c292a58f3efcd7f4d69780df2675df38687f6f5cc4527ed45595e594800932c053cff0c0c4b5d52404a9bde8fb341d5bf1c711ed
Malware Config
Signatures
-
Opens file in notepad (likely ransom note) 1 IoCs
pid Process 2652 NOTEPAD.EXE