Overview

overview

7

Static

static

7

Loveware-master.zip

windows7-x64

1

Loveware-m...ort.md

windows7-x64

3

Loveware-m...gs.yml

windows7-x64

3

Loveware-m...UCT.md

windows7-x64

3

Loveware-m...ING.md

windows7-x64

3

Loveware-m...er.jpg

windows7-x64

3

Loveware-m...er.exe

windows7-x64

7

Loveware-m...4).exe

windows7-x64

7

Loveware-m...gs.ini

windows7-x64

1

Loveware-m...er.png

windows7-x64

3

Loveware-m...re.ico

windows7-x64

3

Loveware-m...re.png

windows7-x64

3

Loveware-m...ki.png

windows7-x64

3

Loveware-m...ar.png

windows7-x64

3

Loveware-m...ICENSE

windows7-x64

1

Loveware-m...ON.txt

windows7-x64

1

Loveware-m...ad.exe

windows7-x64

6

Loveware-m...ME.txt

windows7-x64

1

Loveware-m...re.bat

windows7-x64

4

Loveware-m...kspace

windows7-x64

3

Loveware-m...re.ico

windows7-x64

3

Loveware-m...DME.md

windows7-x64

3

Loveware-m...ig.yml

windows7-x64

3

Analysis

  • max time kernel
    1556s
  • max time network
    1559s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    17/02/2024, 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Loveware-master/Extras/Loveware.ico

  • Size

    129KB

  • MD5

    9f7a2441d67e599dd978cabfa86d4c71

  • SHA1

    ac688a49a9c743fde866fa1214c73dfdf4509c58

  • SHA256

    0c1f29985eb06f03e690a416f2e9b89a07cd9c8ff0a7e4a21142d0835d5fa3aa

  • SHA512

    8be0f3a1321e35b2b87efbadb0cad630ef4b1e72f07b6b5ea4c091203627f75a19e72b032803282b283d1fbb963e3129b692682674a1f1fc2272b999ef3bd42d

  • SSDEEP

    1536:bWA3GOhcjv+qsxkxatPYUqcNcvU85N4W848sSg3PScvFX:b4Pmqsuxa5YUJCU855og/FX

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\Loveware-master\Extras\Loveware.ico
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:1680

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1680-0-0x0000000000310000-0x0000000000311000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1680-1-0x0000000000310000-0x0000000000311000-memory.dmp

    Filesize

    4KB

    Download