Analysis
-
max time kernel
417s -
max time network
421s -
platform
windows7_x64 -
resource
win7-20230703-es -
resource tags
-
submitted
08/07/2023, 05:59
General
-
Target
image.jpg
-
Size
48KB
-
MD5
ca0e92bbf33459cf65a115c1056fdb42
-
SHA1
d34e701ead06401992406dd11b51cd1d131e4835
-
SHA256
fb749b4267261f707d8c64db8b0b636ba31d51325119d3edefb47ac83ce483ea
-
SHA512
22a2455a714c5226f42f2c01612838c06b3a92f5b56c7f5a41d801ea869e0e4b5a910ab46c99d7a24fe93d8f9228e4eb414f19b615f55aa2d8839646f3814b4d
-
SSDEEP
768:XrIQ7CmrkyVp8vsc1wVR0GEC4YMoKrhOarSNxyCAzGpt7tStvfX5KtkhkNpNhz92:Xldk88vsc14EHYf8hQNjpt5SSy4z9LS
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of FindShellTrayWindow 2 IoCs
Processes
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\image.jpg1⤵
- Suspicious use of FindShellTrayWindow
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB