Analysis
-
max time kernel
22s -
max time network
135s -
platform
windows10_x64 -
resource
win10v20210410 -
submitted
16-07-2021 11:20
General
-
Target
Twitch Monster/linux-chromium/swiftshader/libGLESv2.so
-
Size
2.7MB
-
MD5
3d799b971d0c0d3003b17bdb240c952b
-
SHA1
bb776a53e03c847d8b842e62fe2cd3fb982563e7
-
SHA256
82fdcccdfbf7d22fd267f9f2508b493bc105cdffabe948d20f479aacb2e8bfb3
-
SHA512
4d2bee45b6d0a588edca494d2f9169801a3724e58a2562f860c819d59550f41b704461bbfd7bab3029099e73a02c66f858e04f42dac2ad93c9f1f05722ec65b4
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Modifies registry class 2 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\Twitch Monster\linux-chromium\swiftshader\libGLESv2.so"1⤵
- Modifies registry class
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx