Overview

overview

3

Static

static

3

devcpp-4.9...rc.zip

windows10-1703-x64

1

source/AboutFrm.dfm

windows10-1703-x64

3

source/AboutFrm.pas

windows10-1703-x64

3

source/AddToDoFm.dfm

windows10-1703-x64

3

source/AddToDoFm.pas

windows10-1703-x64

3

source/CFGData.pas

windows10-1703-x64

3

source/CFGINI.pas

windows10-1703-x64

3

source/CFGReg.pas

windows10-1703-x64

3

source/CPUFrm.js

windows10-1703-x64

1

source/CVSFm.vbs

windows10-1703-x64

1

source/Edi...frm.js

windows10-1703-x64

1

source/LangFrm.js

windows10-1703-x64

1

source/Vcl...ton.js

windows10-1703-x64

1

source/Vcl...ion.js

windows10-1703-x64

1

source/Vcl...ist.js

windows10-1703-x64

1

source/Vcl/XPMenu.js

windows10-1703-x64

1

source/Vcl...e.html

windows10-1703-x64

1

source/Vcl...dit.js

windows10-1703-x64

1

source/Vcl...ocs.js

windows10-1703-x64

1

source/Vcl...lti.js

windows10-1703-x64

1

source/Vcl...xpr.js

windows10-1703-x64

1

source/debugger.js

windows10-1703-x64

1

source/debugwait.js

windows10-1703-x64

1

source/dev...ip2.js

windows10-1703-x64

1

source/dev...ain.js

windows10-1703-x64

1

source/editor.js

windows10-1703-x64

1

source/ima...ic.ps1

windows10-1703-x64

3

source/pac...ip2.js

windows10-1703-x64

1

source/pac...zip.js

windows10-1703-x64

1

source/pac...pes.js

windows10-1703-x64

1

source/utils.js

windows10-1703-x64

1

source/web...er.exe

windows10-1703-x64

1

Analysis

  • max time kernel
    298s
  • max time network
    177s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-es
  • resource tags

    arch:x64arch:x86image:win10-20230220-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    27-05-2023 20:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    source/AboutFrm.pas

  • Size

    5KB

  • MD5

    f30b324d1c3a1df6d9d0e2f5f6097a4c

  • SHA1

    aa8f5ba04abcb68a2b93bb1ce8dfbd65e1c99750

  • SHA256

    0caa8ff153b78c2237d9c2224822c7d9a2cfe524a1bbaa36497e44ca3cdf739a

  • SHA512

    3592939bdec3fff168a73b05958d7a4c22cb7fc22eefba8baff632fe4d475394cebd70e63d3ba529e6d6d5ed8a7fb12624617dd3885cde539ab600c090df65d3

  • SSDEEP

    96:3OxLiZgbdKZ069MQvilTGi3UW6ieyV8wpVosDdWKqYn0NyEB53TtlnWuW1Ya9FQY:342EzeyV8DsDzqYn0NyEB5DtlJSYaFo8

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 15 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\source\AboutFrm.pas
    1⤵
    • Modifies registry class
    PID:1548
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:4436

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads