Overview

overview

3

Static

static

1

Transfer.zip

windows10-2004-x64

1

Transfer/control.lua

windows10-2004-x64

3

Transfer/d...n.json

windows10-2004-x64

3

Transfer/freeplay.js

windows10-2004-x64

1

Transfer/info.json

windows10-2004-x64

3

Transfer/l...it.dat

windows10-2004-x64

3

Transfer/level.dat0

windows10-2004-x64

3

Transfer/level.dat1

windows10-2004-x64

3

Transfer/level.dat10

windows10-2004-x64

3

Transfer/level.dat11

windows10-2004-x64

3

Transfer/level.dat12

windows10-2004-x64

3

Transfer/level.dat2

windows10-2004-x64

3

Transfer/level.dat3

windows10-2004-x64

3

Transfer/level.dat4

windows10-2004-x64

3

Transfer/level.dat5

windows10-2004-x64

3

Transfer/level.dat6

windows10-2004-x64

3

Transfer/level.dat7

windows10-2004-x64

3

Transfer/level.dat8

windows10-2004-x64

3

Transfer/level.dat9

windows10-2004-x64

3

Transfer/l...tadata

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/l...ay.cfg

windows10-2004-x64

3

Transfer/preview.jpg

windows10-2004-x64

3

Resubmissions

18-01-2024 21:47

240118-1m8ayshghp 3

18-01-2024 21:42

240118-1kd94ahgdk 1

18-01-2024 21:39

240118-1h5dhaafa4 1

Analysis

  • max time kernel
    142s
  • max time network
    270s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2024 21:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Transfer/level.dat6

  • Size

    444KB

  • MD5

    e483114a6644479896bc0a05dd0555e1

  • SHA1

    b961254991d0952796768293c501743591d20a4a

  • SHA256

    a7b0a6515c7bacd05895bd8e283310b038d89f423fe14fc43b71c2e982ea0cab

  • SHA512

    0d05bd4b6b014427e7d737a60ed3b19fa442ff1e60407b3d96279301f9227234872cd6dd36e9ce7e282befad018f3bb37edc115419341f38af17642ed59c4037

  • SSDEEP

    12288:5XIyi/S6IFUhR92wPVGtEiX4wx0dYcy2i9d:5XIbS65H9rP764w2Pc9d

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Transfer\level.dat6
    1⤵
    • Modifies registry class
    PID:5004
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1828

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads