Overview

overview

8

Static

static

1

poliigon-a...emy.py

windows10-2004-x64

8

poliigon-a...tte.py

windows10-2004-x64

3

poliigon-a...ite.py

windows10-2004-x64

3

poliigon-a...lib.py

windows10-2004-x64

3

poliigon-a...rry.py

windows10-2004-x64

3

poliigon-a...ing.py

windows10-2004-x64

3

poliigon-a...ado.py

windows10-2004-x64

3

poliigon-a...ond.py

windows10-2004-x64

3

poliigon-a...sgi.py

windows10-2004-x64

3

poliigon-a...ics.py

windows10-2004-x64

3

poliigon-a...tor.py

windows10-2004-x64

3

poliigon-a...ler.py

windows10-2004-x64

3

poliigon-a...ope.py

windows10-2004-x64

3

poliigon-a...ber.py

windows10-2004-x64

3

poliigon-a...zer.py

windows10-2004-x64

3

poliigon-a...ion.py

windows10-2004-x64

3

poliigon-a...ons.py

windows10-2004-x64

3

poliigon-a...ght.py

windows10-2004-x64

3

poliigon-a...ing.py

windows10-2004-x64

3

poliigon-a...ils.py

windows10-2004-x64

3

poliigon-a...py2.py

windows10-2004-x64

3

poliigon-a...py3.py

windows10-2004-x64

3

poliigon-a...ort.py

windows10-2004-x64

3

poliigon-a...ils.py

windows10-2004-x64

3

poliigon-a...ker.py

windows10-2004-x64

3

poliigon-a...ors.py

windows10-2004-x64

3

poliigon-a...ces.py

windows10-2004-x64

3

poliigon-a...ops.py

windows10-2004-x64

3

poliigon-a...ing.py

windows10-2004-x64

3

poliigon-a...box.py

windows10-2004-x64

3

poliigon-a.../ui.py

windows10-2004-x64

3

poliigon-a...ils.py

windows10-2004-x64

3

Analysis

  • max time kernel
    142s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-03-2024 12:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    poliigon-addon-blender/reporting.py

  • Size

    17KB

  • MD5

    e27c2c04c87daea720453729a3e4a17b

  • SHA1

    8f6f1a497ef486903ea0b7ac3ab6ec6cd19f9251

  • SHA256

    413ac071c5acdf25cd64a0293ea5daeaf7c9e028bde77d90a93e49a6ef721a19

  • SHA512

    566ee918c335629a43a0b34d45b2b2ad7981e06b51cc581a9c8ac2306dc7604cfa283283cb450f90b19b9181f3f2b38744c03f5ae3aacb8ffaa26fa4a5b7ace6

  • SSDEEP

    192:Mjf2j4tx+96zCsHX4Nx38O9jyzmWw5GQZjJsMWKTUj6fDpY5RHVhHW3E+StCHoSs:Qf2j4txuLam3qMe+wW3EMdbip

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\poliigon-addon-blender\reporting.py
    1⤵
    • Modifies registry class
    PID:2496
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1004
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3976 --field-trial-handle=2900,i,14549994492153927475,12895178890800740987,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:3428

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads