Overview

overview

3

Static

static

1

scape 2.zip

windows7-x64

1

scape 2.zip

windows10-2004-x64

1

manifest.json

windows7-x64

3

manifest.json

windows10-2004-x64

3

modlist.html

windows7-x64

1

modlist.html

windows10-2004-x64

1

overrides/...ts.cfg

windows7-x64

3

overrides/...ts.cfg

windows10-2004-x64

3

overrides/...ls.cfg

windows7-x64

3

overrides/...ls.cfg

windows10-2004-x64

3

overrides/...ck.zip

windows7-x64

1

overrides/...ck.zip

windows10-2004-x64

1

overrides/...me.txt

windows7-x64

1

overrides/...me.txt

windows10-2004-x64

1

overrides/...s.json

windows7-x64

3

overrides/...s.json

windows10-2004-x64

3

overrides/...es.cfg

windows7-x64

3

overrides/...es.cfg

windows10-2004-x64

3

overrides/...s.json

windows7-x64

3

overrides/...s.json

windows10-2004-x64

3

overrides/...on.cfg

windows7-x64

3

overrides/...on.cfg

windows10-2004-x64

3

overrides/...al.cfg

windows7-x64

3

overrides/...al.cfg

windows10-2004-x64

3

overrides/...es.cfg

windows7-x64

3

overrides/...es.cfg

windows10-2004-x64

3

overrides/...es.cfg

windows7-x64

3

overrides/...es.cfg

windows10-2004-x64

3

overrides/...in.cfg

windows7-x64

3

overrides/...in.cfg

windows10-2004-x64

3

overrides/...es.cfg

windows7-x64

3

overrides/...es.cfg

windows10-2004-x64

3

Analysis

  • max time kernel
    135s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-05-2023 13:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    overrides/config/CoroUtil/General.cfg

  • Size

    1KB

  • MD5

    f30bdd11634af390e93ca609a5ad7cc9

  • SHA1

    30ec6dd9724bcae8ca538961c287c4a5f9fbfdbb

  • SHA256

    f4b230382d68c8940a882be7792e6df54224f23ac40672e4dcc7fc696be104ba

  • SHA512

    52ecf83d650be052a327f55caf609c211178174ce0ecc169bde306356d80a06bcf6da17d37cdb16238bf79454ea423e17769f1ae2ae4b5fb762082da441bde3c

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\overrides\config\CoroUtil\General.cfg
    1⤵
    • Modifies registry class
    PID:3812
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4644

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads