Analysis
-
max time kernel
44s -
max time network
50s -
platform
windows7_x64 -
resource
win7-20220901-en -
resource tags
-
submitted
16/02/2023, 11:03
General
-
Target
GTA 5 low mod v5 By juanma informatica.rar
-
Size
27.4MB
-
MD5
d3553dc56ee5171cdd89e37ab4e641ff
-
SHA1
5b6e9686f803533e340d8db0ed5cbd8648724086
-
SHA256
576e6c6ca28f8bf550e2f27296b213b25e76bebae5fa57f82a0acbc2f3cf4a24
-
SHA512
c977871a8d212d9e1c70e69be309e859b0abf96d7bc2ff5d91903835e9d430c8ab51fee703e4e65911c7472399aeb8c01c4ad575d20467a5c8b6afd029b6125a
-
SSDEEP
393216:lh/6RLC2PIMk1QlwONLShy70EHXR1G2NE/6VuqxZziEq5G6/eyGiA6XligaoR6g:lhS4TnQNJShy7RHXe2RmGIWusVu
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Modifies registry class 2 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of FindShellTrayWindow 9 IoCs
-
Suspicious use of SendNotifyMessage 8 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\GTA 5 low mod v5 By juanma informatica.rar"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\GTA 5 low mod v5 By juanma informatica.rar2⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files\VideoLAN\VLC\vlc.exe"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\GTA 5 low mod v5 By juanma informatica.rar"3⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
-
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB