Resubmissions

08-05-2023 16:01

230508-tf7bradc21 3

08-05-2023 14:27

230508-rsf9zsch2w 3

08-05-2023 14:16

230508-rlg8psba52 1

08-05-2023 11:57

230508-n4wl9sad93 1

07-05-2023 10:21

230507-mdtjjsec78 3

07-05-2023 10:18

230507-mb8kpagb4s 3

Analysis

  • max time kernel
    28s
  • max time network
    30s
  • platform
    windows7_x64
  • resource
    win7-20230220-es
  • resource tags

    arch:x64, arch:x86, image:win7-20230220-es, locale:es-es, os:windows7-x64, system, windows
  • submitted
    08-05-2023 14:27

General

  • Target

    example2.png

  • Size

    20KB

  • MD5

    71e626c06373ec52f917e995bcacfa9d

  • SHA1

    a9c41052486edf5d81250c27825cd055e00a09f4

  • SHA256

    222029ab35279e509885f938e61b50bbb2e0951bef7ed6c322da5b78facb124c

  • SHA512

    3a9d4d31f63d1f72e58703f824fac7acc28b434d912f458beb25184ee5d69cc011f98d41b002f97313070d18824252cfa2b84598b1bbe5570680b98df4cd8c1c

  • SSDEEP

    384:dD1nxpt6RXC0CAChZ9PHCN7eGx+/2dJT3WGWKHjy9CBoeNc535aGiMSvl:x1nxpOS0CAEZFCN7/EMkGWKDECOe+53W

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\example2.png
    • Suspicious use of FindShellTrayWindow
    PID:1784

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1784-54-0x0000000001CA0000-0x0000000001CA1000-memory.dmp

    Filesize

    4KB

  • memory/1784-55-0x0000000001CA0000-0x0000000001CA1000-memory.dmp

    Filesize

    4KB