Overview

overview

10

Static

static

10

0c4d2da440...2b.apk

android_x86

MuOptinet/...03.jpg

windows7_x64

3

MuOptinet/...03.jpg

windows10-2004_x64

3

MuOptinet/...04.jpg

windows7_x64

3

MuOptinet/...04.jpg

windows10-2004_x64

3

MuOptinet/...ve.jpg

windows7_x64

3

MuOptinet/...ve.jpg

windows10-2004_x64

3

MuOptinet/...pe.jpg

windows7_x64

3

MuOptinet/...pe.jpg

windows10-2004_x64

3

MuOptinet/...rl.jpg

windows7_x64

3

MuOptinet/...rl.jpg

windows10-2004_x64

3

MuOptinet/...et.jpg

windows7_x64

3

MuOptinet/...et.jpg

windows10-2004_x64

3

MuOptinet/...ed.jpg

windows7_x64

3

MuOptinet/...ed.jpg

windows10-2004_x64

3

MuOptinet/...el.jpg

windows7_x64

3

MuOptinet/...el.jpg

windows10-2004_x64

3

MuOptinet/...ng.jpg

windows7_x64

3

MuOptinet/...ng.jpg

windows10-2004_x64

3

MuOptinet/...an.jpg

windows7_x64

3

MuOptinet/...an.jpg

windows10-2004_x64

3

MuOptinet/...01.jpg

windows7_x64

3

MuOptinet/...01.jpg

windows10-2004_x64

3

MuOptinet/...11.jpg

windows7_x64

3

MuOptinet/...11.jpg

windows10-2004_x64

3

MuOptinet/...02.jpg

windows7_x64

3

MuOptinet/...02.jpg

windows10-2004_x64

3

MuOptinet/...02.jpg

windows7_x64

3

MuOptinet/...02.jpg

windows10-2004_x64

3

MuOptinet/...03.jpg

windows7_x64

3

MuOptinet/...03.jpg

windows10-2004_x64

3

MuOptinet/...03.jpg

windows7_x64

3

Analysis

  • max time kernel
    4294180s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20220311-en
  • submitted
    21-03-2022 18:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MuOptinet/Data/Item/satan.jpg

  • Size

    4KB

  • MD5

    061fa68d8fffed17f5d9606c244b8a09

  • SHA1

    6963de402807a1acaf9bc5272db1f23cbea0add1

  • SHA256

    dd65db8ef4e1348dc52f14a7bb0bd347b1145cf2f6aedda0da4457bbe41feedc

  • SHA512

    bf715f5315f27237b8fc8a13e4a0230cb992999704e6a1e4d5b5b77eb64d51fdbdd2d00d660adba04ee8f8ae31da6115a13026cdeb550359759523224e651aa5

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\MuOptinet\Data\Item\satan.jpg
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:588

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/588-54-0x000007FEFC471000-0x000007FEFC473000-memory.dmp

    Filesize

    8KB

    Download

  • memory/588-55-0x00000000002A0000-0x00000000002A1000-memory.dmp

    Filesize

    4KB

    Download