Analysis
max time kernel: 142s
max time network: 146s
platform: windows10-2004_x64
resource: win10v2004-20230703-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
submitted: 23-07-2023 10:27
Static task: static1
Behavioral task: behavioral1, Sample: Daisy.rar, Resource: win7-20230712-en
Behavioral task: behavioral2, Sample: Daisy.rar, Resource: win10v2004-20230703-en
Behavioral task: behavioral3, Sample: Daisy/7B639216.exe, Resource: win7-20230712-en
Behavioral task: behavioral4, Sample: Daisy/7B639216.exe, Resource: win10v2004-20230703-en
Behavioral task: behavioral5, Sample: Daisy/8488E511.exe, Resource: win7-20230712-en
Behavioral task: behavioral6, Sample: Daisy/8488E511.exe, Resource: win10v2004-20230703-en
Behavioral task: behavioral7, Sample: Daisy/A2D0A16E.exe, Resource: win7-20230712-en
General
Target: Daisy.rar
Size: 69.9MB
MD5: 5428032e105659f7bc89c5aa637145c8
SHA1: b882fda8ec20b1b3d0c2cc13cbce33a3f1072400
SHA256: ebbe43c09b9b33476cac458bf447ea3b815f76580f094979d1ab5f3b69120f9b
SHA512: 769f0c238b8015fee15fb628999efb68d10f0a10b135acfb7d9d8e51df08ffff2dd658186205573abd7e1e17ae7b21696db2d91730166cc41839b0e34c0683e3
SSDEEP: 1572864:mnaprkyUiJPqhWyJs9L947TmRs0ikQoLcJxHg/LvEwfMcGhHu3+:mnagYyJsV947SZQoLcJxyJfhyOu
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Modifies registry class (2 IoCs)
Processes: cmd.exe, OpenWith.exe
description | ioc | process
Key created | \REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\Local Settings | cmd.exe
Key created | \REGISTRY\USER\S-1-5-21-3011986978-2180659500-3669311805-1000_Classes\Local Settings | OpenWith.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: OpenWith.exe
pid | process
4508 | OpenWith.exe