Analysis
-
max time kernel
150s -
max time network
30s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
-
submitted
17/05/2023, 00:31
General
-
Target
Super Smash Bros Ultimate [NSP + Update 13.0 + 99 DLCs].torrent
-
Size
174KB
-
MD5
ad2f5a88cb442e7f2445fb6d2a3ac343
-
SHA1
6d9eb4f25e885f206d282ac059f611c23486e3dd
-
SHA256
fb65157062154d76110503e063dfb6215027d17551ff049d0a40ef1885f5bc3d
-
SHA512
4d91c0771c9f71744c426d949b878aae756ceed65d9fb543eed849b4701aece4d0970d7b55c3d592b2f94a26b29a0d87aed95f82853ea01c4468f5cbea920aa0
-
SSDEEP
3072:Pp75APfkHvoXBOhBnd7Lola9O3KLNOUXj5LjX9jIiz4EDyISRQE4YtTfeaZ:Pp9APsPoc7dwla03KwoLjX9jIipSRZ4g
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 10 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\Super Smash Bros Ultimate [NSP + Update 13.0 + 99 DLCs].torrent"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Super Smash Bros Ultimate [NSP + Update 13.0 + 99 DLCs].torrent2⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Super Smash Bros Ultimate [NSP + Update 13.0 + 99 DLCs].torrent"3⤵
- Suspicious use of SetWindowsHookEx
-
-