Overview

overview

3

Static

static

NohBoard-R....0.zip

windows7-x64

1

NohBoard-R....0.zip

windows10-2004-x64

1

NohBoard.Hooking.dll

windows7-x64

1

NohBoard.Hooking.dll

windows10-2004-x64

3

NohBoard.exe

windows7-x64

1

NohBoard.exe

windows10-2004-x64

1

System.ValueTuple.dll

windows7-x64

1

System.ValueTuple.dll

windows10-2004-x64

1

clipper_library.dll

windows7-x64

1

clipper_library.dll

windows10-2004-x64

1

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

keyboards/...d.json

windows7-x64

3

keyboards/...d.json

windows10-2004-x64

3

Analysis

  • max time kernel
    78s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-09-2022 00:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    keyboards/BurningFish/us_intlmouse/keyboard.json

  • Size

    52KB

  • MD5

    f220f5ee4765786712aeedd7e6350295

  • SHA1

    61eab17c48b6beae975f7ff845305e294b3197a1

  • SHA256

    3f0b66bb0bf79b79c68139add9d7fb97ec609a563f2308080c2ed3b72b617cb9

  • SHA512

    9dc6e51b03e0911821252e0c3b3cf4a0569a2009dcb58d88f1c1db74a179984e4f9cb146a3f26fadcce20c8c31183111de0beeeaa29faf890a96f31b716a380e

  • SSDEEP

    384:9nN7lDc+pwZpIG939GQYg7rGRii6gCni2O3gfvA+7vKyiED:9NkYg7rGRii6gCdOwHj7rim

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\keyboards\BurningFish\us_intlmouse\keyboard.json
    1⤵
    • Modifies registry class
    PID:1752
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:100

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads