Analysis

  • max time kernel
    147s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/03/2024, 12:42

General

  • Target

    poliigon-addon-blender/modules/sentry_sdk/integrations/wsgi.py

  • Size

    9KB

  • MD5

    f6197f2e7ce4dbec91780331f7d04780

  • SHA1

    b9c2cad78527ea715b63d3e9d073037fae26600c

  • SHA256

    14b953f19469958ca08698c2e45d8e5be2cd62f43c4f3723904646e409ddb1cd

  • SHA512

    6796d492008a1a5c4de43c1e44d7bf19f8d87ce632ea06545a305efcd4f02190cf65751a878b59fa9c1edeb96b27fda1d6acf2f90ec60ca768d2d46f6e462e16

  • SSDEEP

    192:kZLa1Unh7LfvwQkU1QL5yOArYapQCwDtxwsNZfeXLhmaMlb:k5aahNk4+ymuQDHHLfeAaMh

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\poliigon-addon-blender\modules\sentry_sdk\integrations\wsgi.py
    1⤵
    • Modifies registry class
    PID:1632
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3220

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads