Analysis

  • max time kernel
    314s
  • max time network
    1612s
  • platform
    windows10-1703_x64
  • resource
    win10-20231023-en
  • resource tags

    arch:x64, arch:x86, image:win10-20231023-en, locale:en-us, os:windows10-1703-x64, system
  • submitted
    14-11-2023 09:38

General

  • Target

    14-11-2023_VUBSUFEkriWDh1D.rar

  • Size

    11.6MB

  • MD5

    4be2e7f28c6fd64cee77c73f46359548

  • SHA1

    327a78d1f0b87418d612c656592b7d5b57d260d3

  • SHA256

    ba21c2f23d365ac2809dac09e2b41c2b345d17bef526ad6623b6920ea28dc61b

  • SHA512

    243bdf001ec81fcfb23c22806be8e12cf273053aeb62a10c2051f3c2943c8e35d687bca1d0e5f0a2335a96666d928ed6c3cf1e0063b70d9e4f7a6bb9c0ff9191

  • SSDEEP

    196608:L1ePaxxQJH2eFEdbHBhg2Xkb/8tz6GSh41KTx6G981T2JV15sjl+oBnlTyZW+mrn:LgPmeN6AjE6GSCKNL15gllnMPoEfENAq

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\14-11-2023_VUBSUFEkriWDh1D.rar
    1⤵
    • Modifies registry class
    PID:2320
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1316

Network

MITRE ATT&CK Enterprise v15
