Analysis

  • max time kernel
    150s
  • max time network
    178s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11-03-2024 17:43

General

  • Target

    web-client/translations/pl.json

  • Size

    229KB

  • MD5

    9ea17fa0857e212627af762da17fa65d

  • SHA1

    3790166e767b6386a7d81c13c24830fa31afc3a8

  • SHA256

    3955bfa051a8aa8e7a4576e2d76839dd867e73076ad5326806bd4b668b2aaa02

  • SHA512

    922e6f350de0db3ccc00c6f72d65145071dd4b6954d832c7d0890029c07d8fbf28be57d846e7457e43342e298316cf28b1c9d480bdc19dc71a26d4f54b708c43

  • SSDEEP

    3072:p3inCqVoZoPVqD0g4bf9S33k5sJklGouUFUnZe4rhcy/NvY0zjha2HYs5DKBTjsh:KXZS331TjYIp4sqTi6YnLgXhyce

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\web-client\translations\pl.json
    • Modifies registry class
    PID:544
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4136

Network

MITRE ATT&CK Enterprise v15
