Overview

overview

3

Static

static

1

Desktop.rar

windows7-x64

3

Desktop.rar

windows10-2004-x64

3

Desktop - ...0).rar

windows7-x64

3

Desktop - ...0).rar

windows10-2004-x64

3

Desktop - ...1).rar

windows7-x64

3

Desktop - ...1).rar

windows10-2004-x64

3

Desktop - ...2).rar

windows7-x64

3

Desktop - ...2).rar

windows10-2004-x64

3

Desktop - ...3).rar

windows7-x64

3

Desktop - ...3).rar

windows10-2004-x64

3

Desktop - ...4).rar

windows7-x64

3

Desktop - ...4).rar

windows10-2004-x64

3

Desktop - ...5).rar

windows7-x64

3

Desktop - ...5).rar

windows10-2004-x64

3

Desktop - ...6).rar

windows7-x64

3

Desktop - ...6).rar

windows10-2004-x64

3

Desktop - ...7).rar

windows7-x64

3

Desktop - ...7).rar

windows10-2004-x64

3

Desktop - ...8).rar

windows7-x64

3

Desktop - ...8).rar

windows10-2004-x64

3

Desktop - ...9).rar

windows7-x64

3

Desktop - ...9).rar

windows10-2004-x64

3

Desktop - ...2).rar

windows7-x64

3

Desktop - ...2).rar

windows10-2004-x64

3

Desktop - ...0).rar

windows7-x64

3

Desktop - ...0).rar

windows10-2004-x64

3

Desktop - ...1).rar

windows7-x64

3

Desktop - ...1).rar

windows10-2004-x64

3

Desktop - ...2).rar

windows7-x64

3

Desktop - ...2).rar

windows10-2004-x64

3

Desktop - ...3).rar

windows7-x64

3

Desktop - ...3).rar

windows10-2004-x64

3

Analysis

  • max time kernel
    1767s
  • max time network
    1591s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2023, 01:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Desktop - Copy (16).rar

  • Size

    32KB

  • MD5

    fcb7c9384859a7e7737a0b3e8b323135

  • SHA1

    3c79508ff1736f3792fce459818ca0fdac6e3deb

  • SHA256

    2f88a8062606f74795d5ec0a5f465066304635d6af0eafd7db79207e09203352

  • SHA512

    9a4eeb5f8347000d90e26c4f87495f6c419ddbd6b9eaf5a763c4366533cbd741e59a0236c7ad97dd65babdf7e64b6ddec89c9ceddb23943987ab4b4c44bbb6a0

  • SSDEEP

    768:P07PVreHgzrPODgE6nwdCexOLLjp1IE6g1IE6u1IE6b1IE6k1IE6k1IE6NY1IE6X:P07PVreGPODg1wdCexOLLjvIOIMIRIKO

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 8 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Desktop - Copy (16).rar"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Desktop - Copy (16).rar
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2340
      • C:\Program Files\VideoLAN\VLC\vlc.exe
        "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\Desktop - Copy (16).rar"
        3⤵
        • Suspicious behavior: AddClipboardFormatListener
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of FindShellTrayWindow
        • Suspicious use of SendNotifyMessage
        • Suspicious use of SetWindowsHookEx
        PID:2748

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2748-29-0x000000013F6D0000-0x000000013F7C8000-memory.dmp

          Filesize

          992KB

          Download

        • memory/2748-30-0x000007FEF7B60000-0x000007FEF7B94000-memory.dmp

          Filesize

          208KB

          Download

        • memory/2748-31-0x000007FEF61A0000-0x000007FEF6454000-memory.dmp

          Filesize

          2.7MB

          Download

        • memory/2748-32-0x000007FEFB9E0000-0x000007FEFB9F8000-memory.dmp

          Filesize

          96KB

          Download

        • memory/2748-33-0x000007FEF6E90000-0x000007FEF6EA7000-memory.dmp

          Filesize

          92KB

          Download

        • memory/2748-35-0x000007FEF6E50000-0x000007FEF6E67000-memory.dmp

          Filesize

          92KB

          Download

        • memory/2748-34-0x000007FEF6E70000-0x000007FEF6E81000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-36-0x000007FEF6D90000-0x000007FEF6DA1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-37-0x000007FEF6950000-0x000007FEF696D000-memory.dmp

          Filesize

          116KB

          Download

        • memory/2748-38-0x000007FEF68C0000-0x000007FEF68D1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-39-0x000007FEF50F0000-0x000007FEF619B000-memory.dmp

          Filesize

          16.7MB

          Download

        • memory/2748-40-0x000007FEF4EF0000-0x000007FEF50F0000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2748-42-0x000007FEF6850000-0x000007FEF6871000-memory.dmp

          Filesize

          132KB

          Download

        • memory/2748-41-0x000007FEF6880000-0x000007FEF68BF000-memory.dmp

          Filesize

          252KB

          Download

        • memory/2748-43-0x000007FEF6830000-0x000007FEF6848000-memory.dmp

          Filesize

          96KB

          Download

        • memory/2748-49-0x000007FEF4E90000-0x000007FEF4EA8000-memory.dmp

          Filesize

          96KB

          Download

        • memory/2748-50-0x000007FEF4E60000-0x000007FEF4E90000-memory.dmp

          Filesize

          192KB

          Download

        • memory/2748-51-0x000007FEF4DF0000-0x000007FEF4E57000-memory.dmp

          Filesize

          412KB

          Download

        • memory/2748-48-0x000007FEF4EB0000-0x000007FEF4EC1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-52-0x000007FEF4D80000-0x000007FEF4DEF000-memory.dmp

          Filesize

          444KB

          Download

        • memory/2748-53-0x000007FEF4D60000-0x000007FEF4D71000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-55-0x000007FEF4CD0000-0x000007FEF4CF8000-memory.dmp

          Filesize

          160KB

          Download

        • memory/2748-54-0x000007FEF4D00000-0x000007FEF4D56000-memory.dmp

          Filesize

          344KB

          Download

        • memory/2748-56-0x000007FEF4CA0000-0x000007FEF4CC4000-memory.dmp

          Filesize

          144KB

          Download

        • memory/2748-60-0x000007FEF74B0000-0x000007FEF74C2000-memory.dmp

          Filesize

          72KB

          Download

        • memory/2748-61-0x000007FEF7460000-0x000007FEF7481000-memory.dmp

          Filesize

          132KB

          Download

        • memory/2748-59-0x000007FEF4C30000-0x000007FEF4C41000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-62-0x000007FEF7440000-0x000007FEF7453000-memory.dmp

          Filesize

          76KB

          Download

        • memory/2748-63-0x000007FEF7420000-0x000007FEF7432000-memory.dmp

          Filesize

          72KB

          Download

        • memory/2748-58-0x000007FEF4C50000-0x000007FEF4C73000-memory.dmp

          Filesize

          140KB

          Download

        • memory/2748-57-0x000007FEF4C80000-0x000007FEF4C97000-memory.dmp

          Filesize

          92KB

          Download

        • memory/2748-47-0x000007FEF4ED0000-0x000007FEF4EEB000-memory.dmp

          Filesize

          108KB

          Download

        • memory/2748-46-0x000007FEF67D0000-0x000007FEF67E1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-45-0x000007FEF67F0000-0x000007FEF6801000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-64-0x000007FEF4AF0000-0x000007FEF4C2B000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/2748-65-0x000007FEF4AC0000-0x000007FEF4AEC000-memory.dmp

          Filesize

          176KB

          Download

        • memory/2748-66-0x000007FEF4900000-0x000007FEF4AB2000-memory.dmp

          Filesize

          1.7MB

          Download

        • memory/2748-67-0x000007FEF47D0000-0x000007FEF482C000-memory.dmp

          Filesize

          368KB

          Download

        • memory/2748-68-0x000007FEF7400000-0x000007FEF7411000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-70-0x000007FEF4710000-0x000007FEF4722000-memory.dmp

          Filesize

          72KB

          Download

        • memory/2748-69-0x000007FEF4730000-0x000007FEF47C7000-memory.dmp

          Filesize

          604KB

          Download

        • memory/2748-44-0x000007FEF6810000-0x000007FEF6821000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-71-0x000007FEF4430000-0x000007FEF4661000-memory.dmp

          Filesize

          2.2MB

          Download

        • memory/2748-72-0x000007FEF4310000-0x000007FEF4422000-memory.dmp

          Filesize

          1.1MB

          Download

        • memory/2748-73-0x000007FEF42D0000-0x000007FEF4305000-memory.dmp

          Filesize

          212KB

          Download

        • memory/2748-74-0x000007FEF42A0000-0x000007FEF42C5000-memory.dmp

          Filesize

          148KB

          Download

        • memory/2748-77-0x000007FEF3BC0000-0x000007FEF3BD1000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-79-0x000007FEF3690000-0x000007FEF36A3000-memory.dmp

          Filesize

          76KB

          Download

        • memory/2748-78-0x000007FEF3A00000-0x000007FEF3A12000-memory.dmp

          Filesize

          72KB

          Download

        • memory/2748-76-0x000007FEF3BE0000-0x000007FEF3C41000-memory.dmp

          Filesize

          388KB

          Download

        • memory/2748-80-0x000007FEF35B0000-0x000007FEF364F000-memory.dmp

          Filesize

          636KB

          Download

        • memory/2748-81-0x000007FEF3570000-0x000007FEF3581000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-75-0x000007FEF3E80000-0x000007FEF3E91000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-82-0x000007FEF3460000-0x000007FEF3562000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/2748-83-0x000007FEF3440000-0x000007FEF3451000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-86-0x000007FEF33E0000-0x000007FEF33F2000-memory.dmp

          Filesize

          72KB

          Download

        • memory/2748-85-0x000007FEF3400000-0x000007FEF3411000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-89-0x000007FEF3370000-0x000007FEF3399000-memory.dmp

          Filesize

          164KB

          Download

        • memory/2748-92-0x000007FEF3310000-0x000007FEF3321000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-91-0x000007FEF3330000-0x000007FEF3341000-memory.dmp

          Filesize

          68KB

          Download

        • memory/2748-90-0x000007FEF3350000-0x000007FEF3362000-memory.dmp

          Filesize

          72KB

          Download

        • memory/2748-88-0x000007FEF33A0000-0x000007FEF33B6000-memory.dmp

          Filesize

          88KB

          Download

        • memory/2748-87-0x000007FEF33C0000-0x000007FEF33D8000-memory.dmp

          Filesize

          96KB

          Download

        • memory/2748-84-0x000007FEF3420000-0x000007FEF3431000-memory.dmp

          Filesize

          68KB

          Download