Overview

overview

10

Static

static

3

excellent.rar

windows7-x64

4

excellent.rar

windows10-2004-x64

10

excellent.exe

windows7-x64

7

excellent.exe

windows10-2004-x64

10

libGLESv2.dll

windows7-x64

1

libGLESv2.dll

windows10-2004-x64

1

updater.ini

windows7-x64

1

updater.ini

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    28-06-2024 18:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    updater.ini

  • Size

    3.6MB

  • MD5

    971543b2412541a890ec173524db2ccf

  • SHA1

    0e49b25e0dc320a85d3c11908a444779695501f5

  • SHA256

    2096cacb59cb1bcf9605e4d6897e02007e06f2cf1ace4cda961c0ae2b57fc8aa

  • SHA512

    bf1c9677f32c24a64d058f6d42f4d65c5d52c94777513b3f7793e62fb974209891881d0d437aeba20a75d4aac1096e1205baa631d98e038ade5f42500e752bed

  • SSDEEP

    49152:dD6v+il2pVC/GDm70+mdGJ4B6YtYAgbMKl4wRd0:9S6Vaem7EdGSfhgbMKl4F

Score
1/10

Malware Config

Signatures

  • Opens file in notepad (likely ransom note) 1 IoCs
    ransomware

Processes

  • C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\updater.ini
    1⤵
    • Opens file in notepad (likely ransom note)
    PID:2468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads