Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    01/02/2024, 20:23

General

  • Target

    Pet-Simulator-99-Pet-Duplicator-main/plugins/start.py

  • Size

    725B

  • MD5

    741d0f452456c67be520e68ee4561402

  • SHA1

    2cb4de0c6a2ecc941f09e207be85d70859770f7f

  • SHA256

    d092f03f1b4b23a339e648cf39d387e36318fd9e9b9cfa0fa93e09df8fe5481e

  • SHA512

    16e48254c11dfcbbee10f9cb813f5b21b285df7d9987a0c128ca3077845ab2c97089dc85bda215e40d7666122647a351a163ef3586c21721d004411146520e10

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Pet-Simulator-99-Pet-Duplicator-main\plugins\start.py
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Pet-Simulator-99-Pet-Duplicator-main\plugins\start.py
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:3024
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Pet-Simulator-99-Pet-Duplicator-main\plugins\start.py"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2728

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize
    3KB

    MD5
    d5c000530e4b5d1925e45987b92c9f64

    SHA1
    00129aa1145a6a7af9e7afce4b65f1ca88b01e35

    SHA256
    03a48a0ce133d447f9df956d85ba7a21cc1cbc0367f276dd224eb44c17123f43

    SHA512
    959a2495d0d3a354be4f17514765de69a11ae89211efa0a4c7a2d663fdc30124cdfccbab607a0adcb51c66da6ffef676228771c9ed670bf95c62044939483c2a