Overview

overview

7

Static

static

3

teamspeak3....7.zip

windows7-x64

1

teamspeak3....7.zip

windows10-2004-x64

1

teamspeak3...es.txt

windows7-x64

1

teamspeak3...es.txt

windows10-2004-x64

1

teamspeak3...og.txt

windows7-x64

1

teamspeak3...og.txt

windows10-2004-x64

1

teamspeak3...ng.txt

windows7-x64

1

teamspeak3...ng.txt

windows10-2004-x64

1

teamspeak3...oc.txt

windows7-x64

1

teamspeak3...oc.txt

windows10-2004-x64

1

teamspeak3...de.txt

windows7-x64

1

teamspeak3...de.txt

windows10-2004-x64

1

teamspeak3...art.md

windows7-x64

3

teamspeak3...art.md

windows10-2004-x64

3

teamspeak3...de.txt

windows7-x64

1

teamspeak3...de.txt

windows10-2004-x64

1

teamspeak3...go.png

windows7-x64

3

teamspeak3...go.png

windows10-2004-x64

3

teamspeak3...y.html

windows7-x64

1

teamspeak3...y.html

windows10-2004-x64

1

teamspeak3...et.css

windows7-x64

3

teamspeak3...et.css

windows10-2004-x64

7

teamspeak3...db.txt

windows7-x64

1

teamspeak3...db.txt

windows10-2004-x64

1

teamspeak3...ery.md

windows7-x64

3

teamspeak3...ery.md

windows10-2004-x64

3

teamspeak3...se.txt

windows7-x64

1

teamspeak3...se.txt

windows10-2004-x64

1

teamspeak3...db.dll

windows7-x64

1

teamspeak3...db.dll

windows10-2004-x64

1

teamspeak3...db.dll

windows7-x64

1

teamspeak3...db.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/02/2024, 13:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    teamspeak3-server_win64/doc/serverquery/TeamSpeak_Logo.png

  • Size

    28KB

  • MD5

    0481e496ce4b237802c13ac88cce15ad

  • SHA1

    4f7476fa5b88db34cf30896e22feb072bbf828d8

  • SHA256

    186bf3b2be052beef5896874990a711aca932f841741023bd280f40e31d82570

  • SHA512

    37dc54ad8f7fa0ce085f6013123fbef985f1c8a1a142eb1446c537e8cb69fdc8e71328589eaf25f13b2c16dbb1ea5a93d4405f0a7c439563f0e4753362729624

  • SSDEEP

    768:1a2hAsPpXOkm6zZj2cZQ1r6+Txa1iEBhmUXwH+yAAUpiR1QRDry5Yx3:1a8L5xzOlNq9jwH2Pq1qkM

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\teamspeak3-server_win64\doc\serverquery\TeamSpeak_Logo.png
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:2292

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2292-0-0x0000000000320000-0x0000000000321000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2292-1-0x0000000000320000-0x0000000000321000-memory.dmp

          Filesize

          4KB

          Download