Overview

overview

7

Static

static

7

5j1yFYZ7wftOfBeB

windows7-x64

1

5j1yFYZ7wftOfBeB

windows10-2004-x64

1

6ulq7PkQ4jMa3CG3

windows7-x64

1

6ulq7PkQ4jMa3CG3

windows10-2004-x64

1

7UKgaRjbLtj7Nmd3

windows7-x64

1

7UKgaRjbLtj7Nmd3

windows10-2004-x64

1

EUlp3EBVoZzDusIE

windows7-x64

1

EUlp3EBVoZzDusIE

windows10-2004-x64

1

FwNX79XwxL713ubH

windows7-x64

1

FwNX79XwxL713ubH

windows10-2004-x64

1

IgXYrHdIyByyYZ23

windows7-x64

1

IgXYrHdIyByyYZ23

windows10-2004-x64

1

IxpMALudDFwYVaf5

windows7-x64

1

IxpMALudDFwYVaf5

windows10-2004-x64

1

JqEzfGnwc8hnAIwY

windows7-x64

1

JqEzfGnwc8hnAIwY

windows10-2004-x64

1

LEMqqtVPF49FmZ7W

windows7-x64

1

LEMqqtVPF49FmZ7W

windows10-2004-x64

1

RuntimeIni...s.json

windows7-x64

3

RuntimeIni...s.json

windows10-2004-x64

3

ScriptingA...s.json

windows7-x64

3

ScriptingA...s.json

windows10-2004-x64

3

System.Dat...es.dat

windows7-x64

3

System.Dat...es.dat

windows10-2004-x64

3

URodfDhi1apVS2I5

windows7-x64

1

URodfDhi1apVS2I5

windows10-2004-x64

1

UnityServi...n.json

windows7-x64

3

UnityServi...n.json

windows10-2004-x64

3

V21k9r3Ax9VAZivr

windows7-x64

1

V21k9r3Ax9VAZivr

windows10-2004-x64

1

VBpk2rQvTZJtfs5Y

windows7-x64

1

VBpk2rQvTZJtfs5Y

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    18/09/2023, 09:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    UnityServicesProjectConfiguration.json

  • Size

    864B

  • MD5

    a3ae25b293cb0d83940510d3a7a25113

  • SHA1

    60fbca80eb128270a0ec10856b56169423511a4b

  • SHA256

    e2d233597da5594e1e851f8edf267743fbd452e4c1b13e4378ec37e8af33fcc7

  • SHA512

    6bd23ff139f835907c5fb400c96ad7366d14d929b0d1f829565a8e0acc10bad1edcf8fd4666ed63d5f5574ed1f9bab7f9409fdad5c067cf2fe34afcd5096e878

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\UnityServicesProjectConfiguration.json
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1584
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\UnityServicesProjectConfiguration.json
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2616
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\UnityServicesProjectConfiguration.json"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2664

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    1bebc6bf5af16ff767c8ba167de73569

    SHA1

    d99fd91b134f81c56eedb464874119bd670216d8

    SHA256

    ce498326fd3c4ce82acc94d8a14f99ab66f6f6690b27c93ed828e56ab3c8857b

    SHA512

    c44ab8f430944dde2626674575dbf95679e224769353dc377c19d25e3fc884708779deb1395119cee5bbd92ba2080ff31fe99917aef84cc4969490539518a684

    Download Submit