Resubmissions

11/02/2023, 15:54 UTC

230211-tckctahh3s 3

Analysis

  • max time kernel
    52s
  • max time network
    59s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/02/2023, 15:54 UTC

General

  • Target

    youhackerSt.rar

  • Size

    2.6MB

  • MD5

    33a1d1bbed094e27db66bddeeab4e5dc

  • SHA1

    5354677b25e68ad91b389442d4b5b1e65546d84b

  • SHA256

    8c4d1f09b5d8a83d7b419b48893b68ad5d99e600622c0fa5c7bff63707bf5db3

  • SHA512

    d439a12ce967af3299eabe13b14e55bd2a6d5048b30308a76567b7dd860add8cfd712986da6958824f16fa3c74ac2d07dd5601a4a3a32368cc113933adcfe356

  • SSDEEP

    49152:HqDDGnqXwBoZd89O2lUEJcnBDSoyK3Yqjf5FGO2U8MaaR:HYCqABoPEXl3iBDSoypoklMaaR

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\youhackerSt.rar
    • Modifies registry class
    PID:1180
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3620

Network

    No results found
  • 20.44.10.122:443
    322 B
    7
  • 8.247.211.254:80
    46 B
    40 B
    1
    1
  • 8.238.21.126:80
    322 B
    7
  • 8.238.21.126:80
    322 B
    7
  • 8.238.21.126:80
    322 B
    7
No results found

MITRE ATT&CK Enterprise v6
