Resubmissions

08/03/2024, 05:33

240308-f81g1sgc66 3

08/03/2024, 05:29

240308-f62bjagb97 3

Analysis

  • max time kernel
    1805s
  • max time network
    1819s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/03/2024, 05:33

General

  • Target

    Gorilla-Tag-ShibaGT-Gold-Mod-Menu-main/ShibaGT Gold/Displyy_Template/UI/MenusGUI.cs

  • Size

    17KB

  • MD5

    75022c4adc8307afa569e740dd0ecdc1

  • SHA1

    e7dc71b179516d85a859866d012495d9933b8515

  • SHA256

    43ae23dac2c77cf7a3733edc347de00e5253c1ae22322fa020fec6ad469566bf

  • SHA512

    d50a4391d45c69f9889293fcb541283581f723bcc3e668cdda8456e9e63a8d358c3091d4df18f4408992bd16704a00283c2aec3f298874367d1c025eac70cdc3

  • SSDEEP

    384:9EkwyNbmsOnGnUnHn73M44xfLIDtWr0pWFw6w1w8wyIuw1wbIBj/m:ikwRnGnUnHn7844xfLIDtWVFw6w1w8wG

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious behavior: CmdExeWriteProcessMemorySpam 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Gorilla-Tag-ShibaGT-Gold-Mod-Menu-main\ShibaGT Gold\Displyy_Template\UI\MenusGUI.cs"
    1⤵
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:2784
    • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
      "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Gorilla-Tag-ShibaGT-Gold-Mod-Menu-main\ShibaGT Gold\Displyy_Template\UI\MenusGUI.cs"
      2⤵
      • Suspicious behavior: CmdExeWriteProcessMemorySpam
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of SetWindowsHookEx
      PID:3044

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    8b42cb0b305eedc0fdd1a0c799b852b8

    SHA1

    306af5a35a5cf7e4a6cec9f7891d46ce66069632

    SHA256

    33bc711e486d40f524647b20f72057e0527f453e4b0233926a9ddbd1e2570828

    SHA512

    6967238d1ed7389b80d7bd2b78eb7bee4352d8783ac804b7af3e85b9530f6684762abb8f7502792444958e196e264552c037c3595aa0cd1a9466a4e89b499040