Analysis

  • max time kernel
    1165s
  • max time network
    1170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    22/01/2024, 17:19

General

  • Target

    6DEMANDA POR DAÑOS Y PERJUICIOS_..msg mwr.msg

  • Size

    46KB

  • MD5

    d66bb2dd868c2d20201f8818d429c61a

  • SHA1

    30ebe13da7520febf0cb3fe14c1c56923e61c85d

  • SHA256

    8a7d5bc88cfc31834e41e91e034e305c8b18efde8ee86b69cc315d3dee3785d0

  • SHA512

    b6ae6bdc115fce20ec5ff4a30af0bca6900d5440832dff2433f87f80b3a9947ef8b4f298625d25d343265e69b15ddf763cf9fa649b4c42feae886d30491fc781

  • SSDEEP

    768:FOwEnFSZmTZpws6fEaksKhsKfenhQ60lwDhR6cEbGC3GKT/Sg:G9z/J+B0lwDhocvKZ

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\6DEMANDA POR DAÑOS Y PERJUICIOS_..msg mwr.msg"
    • Modifies registry class
    PID:4696
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:672

Network

        MITRE ATT&CK Enterprise v15
