Resubmissions

25/02/2024, 00:03

240225-achpfagh92 6

25/02/2024, 00:00

240225-aasfvsgh83 3

24/02/2024, 23:59

240224-31qdeahf8y 3

24/02/2024, 23:58

240224-31hnkagh74 3

24/02/2024, 23:55

240224-3ymjqsgh64 3

Analysis

  • max time kernel
    1s
  • max time network
    4s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    24/02/2024, 23:58

General

  • Target

    Apocalyptic Scene.blend

  • Size

    13.4MB

  • MD5

    1617222256ee74600e3757377f51f750

  • SHA1

    acd5139104ae9ed0c2bbe0192335bf0e165b7633

  • SHA256

    82896c8b0bf5664243c87abeaeba51d5ab3a61ee916ac8397ccbc712b042adf2

  • SHA512

    b5b40bbda7025aa7549bb0849452ca7ac9996dcd9a67991dd1120c9a6dde2f40852fc77006d5966eae9cb345ec6e42a776a5e5308356bb3111b5d1e11a74326f

  • SSDEEP

    98304:wVGnASBNIp4QveWw60mXxKfB1ar0jrxlTg5LpcOolWvhLD/xYwPO:wV2Q4Qa6+fC4DTgPcOq

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Apocalyptic Scene.blend"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Apocalyptic Scene.blend
      2⤵
      • Modifies registry class
      PID:1636

Network

        MITRE ATT&CK Enterprise v15


        Downloads