Analysis
-
max time kernel
10s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25/12/2023, 07:09
General
-
Target
TessioScriptInyector.cfg
-
Size
31B
-
MD5
cf00b95e9c5d1ce9d72e1d97bfb030aa
-
SHA1
64c9eca7dc680b6158271cdb2b05aa11c38f610f
-
SHA256
4cec27dcf4200533f1237aadf9c79c1c2cfac5b7af2429355d0bebbe3223cbb7
-
SHA512
ce56a610f27758a75db521c94acce324d9106a6f438d0dd11476f34fc6f0dd76e2340deea9d4bcd5830d73f134e3c86af3b6e6fb27c11b682ed541d9cbd36783
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\TessioScriptInyector.cfg1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\TessioScriptInyector.cfg2⤵
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\TessioScriptInyector.cfg"3⤵
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD55280c9d4a7f3a8d8ed8598328b62ced7
SHA115fbf49a8b32d95e97a8d8d0e8722fa7d1d49ba7
SHA25698b6f353ed616eb258c35f58c5c0a961420b2b403ae3941417e2a655c25e8222
SHA5129bcb1e0b5107fbe39e93fd0c0850468dfdceac6bee6202dd2020dff227cda309cc44b0ce2ebf7c4b93822d28c0696e996127e8de8cb86739e4c070150f439cc3