eac0f3d162b8aa13eb8095fb3c871f6a787bc287f7afb9eb49993a3396c2a31f

Resubmissions

25/02/2024, 10:14

240225-l9r5xsab3s 7

25/02/2024, 10:08

240225-l6argaaa6s 7

Analysis

max time kernel
92s
max time network
128s
platform
windows10-2004_x64
resource
win10v2004-20240221-uk
resource tags

arch:x64arch:x86image:win10v2004-20240221-uklocale:uk-uaos:windows10-2004-x64systemwindows
submitted
25/02/2024, 10:08

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

shadersandtextures/world.glsl
Size

13KB
MD5

0bc829a740532ee460bba31b5ff8082a
SHA1

b52321b679e9abcd64aaee06164e539766fa2d9c
SHA256

a9dc937a860338dfc78d8390df50903cdcbee7ed0b8d1bda63e3845b506961db
SHA512

0fb057e5426b68751b93d996c8cfea04b77a1a829e8e2429036d80bc10043814cbeaa33e3afefb5ccecee8cb6c1b977724726e266015d24141b4f3353ebdd4d3
SSDEEP

192:4baztwHaztw2aztwfDtwMyHHHPHxyHXHfHZyHoH+H7yHAH0HvyH5HoHGyHGHCH25:sAtwHAtw2AtwfDtwZj

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-1712835645-2080934712-2142796781-1000_Classes\Local Settings	OpenWith.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1564	OpenWith.exe

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\shadersandtextures\world.glsl
1⤵
- Modifies registry class
PID:2400

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1564

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads