Analysis
-
max time kernel
41s -
max time network
45s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
03/10/2022, 22:19
General
-
Target
muiplayer/css/poster.jpg
-
Size
126KB
-
MD5
a7f890b31588ad011dc0d62628fab326
-
SHA1
583bde67029107a2960475b425070465e72596ff
-
SHA256
8ba4e40c89077523ffda441754c456cb81964ea9bd69c59f9041bfd53b99f6f2
-
SHA512
bb732d36f7f407e48c9d457fa0412754cdb98abaa3935d59989ad8809119fbb071885b0c97781d305fa82930c9be2f83e07a13a96a3deffa99a179e03a2e15c8
-
SSDEEP
3072:CM/KMBPvGrGILHtByVVqmTaS1czguaB/m60:5/7BXmHtBmaS1YBamH
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\muiplayer\css\poster.jpg1⤵
- Suspicious use of FindShellTrayWindow
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB