Resubmissions

08/03/2024, 05:33

240308-f81g1sgc66 3

08/03/2024, 05:29

240308-f62bjagb97 3

Analysis

  • max time kernel
    1561s
  • max time network
    1564s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/03/2024, 05:33

General

  • Target

    Gorilla-Tag-ShibaGT-Gold-Mod-Menu-main/ShibaGT Gold.sln

  • Size

    1012B

  • MD5

    ad731f187f0fab3a769ac19f12bcf5fc

  • SHA1

    c31cde27d388263c7250623a0fed5c564b672041

  • SHA256

    a9c34022db4db6aecf955530c523fb6189dd9fdc78d01ef62aebbce575bb3454

  • SHA512

    d6369e5498e1028abcb3d2527c88d7438d017e739e4e1da0611e19e06f6341e27716bad006f430dda095942c40f9866cc8e5a270ea8d90315c41887794bbd6f5

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Gorilla-Tag-ShibaGT-Gold-Mod-Menu-main\ShibaGT Gold.sln"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:300
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Gorilla-Tag-ShibaGT-Gold-Mod-Menu-main\ShibaGT Gold.sln
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2668
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Gorilla-Tag-ShibaGT-Gold-Mod-Menu-main\ShibaGT Gold.sln"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2524

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c4c300f190db214119f2de2cb82f60e3

    SHA1

    6735d4e2cab8c40cf2ae33001623b64144748b16

    SHA256

    261ab5ac49848915ca37916134e1cd878f759b1f5ee028b0145df60a02c2a3fd

    SHA512

    2ac37c16126026cc84342098879f094fb07f966677b41f42dd5c080e132702920a0ab39b96314af213a750c1ab6b207bd162a5c3914be05be339fc70be1bcecc