Overview

overview

3

Static

static

1

daab2a45fd...b6.zip

windows7-x64

1

daab2a45fd...b6.zip

windows10-2004-x64

1

1d81c09d82....zipaa

windows7-x64

3

1d81c09d82....zipaa

windows10-2004-x64

3

1d81c09d82....zipab

windows7-x64

3

1d81c09d82....zipab

windows10-2004-x64

3

1d81c09d82....zipac

windows7-x64

3

1d81c09d82....zipac

windows10-2004-x64

3

1d81c09d82....zipad

windows7-x64

3

1d81c09d82....zipad

windows10-2004-x64

3

1d81c09d82....zipae

windows7-x64

3

1d81c09d82....zipae

windows10-2004-x64

3

1d81c09d82....zipaf

windows7-x64

3

1d81c09d82....zipaf

windows10-2004-x64

3

1d81c09d82....zipag

windows7-x64

3

1d81c09d82....zipag

windows10-2004-x64

3

1d81c09d82....zipah

windows7-x64

3

1d81c09d82....zipah

windows10-2004-x64

3

1d81c09d82....zipai

windows7-x64

3

1d81c09d82....zipai

windows10-2004-x64

3

1d81c09d82....zipaj

windows7-x64

3

1d81c09d82....zipaj

windows10-2004-x64

3

1d81c09d82....zipak

windows7-x64

3

1d81c09d82....zipak

windows10-2004-x64

3

1d81c09d82....zipal

windows7-x64

3

1d81c09d82....zipal

windows10-2004-x64

3

1d81c09d82....zipam

windows7-x64

3

1d81c09d82....zipam

windows10-2004-x64

3

1d81c09d82....zipan

windows7-x64

3

1d81c09d82....zipan

windows10-2004-x64

3

1d81c09d82....zipao

windows7-x64

3

1d81c09d82....zipao

windows10-2004-x64

3

Analysis

  • max time kernel
    813s
  • max time network
    1161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/07/2023, 05:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1d81c09d8249410587ae.zipad

  • Size

    276B

  • MD5

    2d36db31fdf2cda80ef2d775218f5882

  • SHA1

    ce7397f4f983fe01730060bb54ab30845b7f8b1b

  • SHA256

    5508df553d9583b638144e4b0bde3309f73e210210e32633f0c9361eb20874ab

  • SHA512

    377b99003b1ef3cc4331168b373f41978c999b25433785059699d6ed8e2e61431912c540b869018f1390735f48e102aba5d5a29ffc44ab4704f6e134ae2907c1

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\1d81c09d8249410587ae.zipad
    1⤵
    • Modifies registry class
    PID:1664
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1952

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads