Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/03/2024, 15:39

General

  • Target

    DLC/dlc040_trial_of_allegiance/gfx/entities/TOA_units_infantry.asset

  • Size

    58KB

  • MD5

    74181f9476f2d685d2a7556e869993e4

  • SHA1

    367d450b2e2d90404aeafb2f37ffc96e6a3aeab2

  • SHA256

    7d4a040f9521fab8bb466baa730d17b76f45ec720bc7f38f90373f0fca31d5cc

  • SHA512

    223466b0d8d46c1006ec2ca1c83807f4232660633159b3c0a29330613cad9a7f5d57c5b5de49333da5cca59ae4ec10c88bea7aa51a5a7453fd7953b0e3d8c624

  • SSDEEP

    1536:AgZ0MzZmuEM4kOBpcIYKvZ040emuA44g2BpcbYHgGZ0Ao8cX+8pcIYRg5Z0Ao8cZ:AgZ0MzZmuEM4kOBpcIYKvZ040emuA44V

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\DLC\dlc040_trial_of_allegiance\gfx\entities\TOA_units_infantry.asset
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2268
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\DLC\dlc040_trial_of_allegiance\gfx\entities\TOA_units_infantry.asset
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2580
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\DLC\dlc040_trial_of_allegiance\gfx\entities\TOA_units_infantry.asset"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2608
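
The process tree above is the security-relevant part of this report: `cmd /c <file>` on a file whose extension has no registered handler on the image makes the shell call `shell32.dll,OpenAs_RunDLL`, which is the "Open with" dialog, and the process that rundll32 then spawns (here AcroRd32.exe) is whatever was picked in that dialog, not a handler the `.asset` file selected for itself. That is why the "Modifies registry class" hit sits on the rundll32 process (consistent with the dialog recording the chosen association) and the `SetWindowsHookEx` / `GetForegroundWindowSpam` hits sit on the viewer. The helper below, added here as an example and not part of the report or of the sandbox's tooling, reconstructs that chain from process-creation records and splits the signature hits between the dispatch path and the viewer. The PIDs, images, command lines and signature names are copied from the tree above; the record layout (`pid`/`ppid`/`image`/`cmdline` dicts) is an assumption made for the example.

```python
import ntpath
import re
from collections import defaultdict

# Constructed process-creation records. PIDs, parent links, images and command lines are
# copied from the process tree in the report above; the record layout is an assumption
# made for this example, not the sandbox's export format.
TARGET = (r"C:\Users\Admin\AppData\Local\Temp\DLC\dlc040_trial_of_allegiance"
          r"\gfx\entities\TOA_units_infantry.asset")
EVENTS = [
    {"pid": 2268, "ppid": None, "image": r"C:\Windows\system32\cmd.exe",
     "cmdline": f"cmd /c {TARGET}"},
    {"pid": 2580, "ppid": 2268, "image": r"C:\Windows\system32\rundll32.exe",
     "cmdline": f'"C:\\Windows\\system32\\rundll32.exe" '
                f'C:\\Windows\\system32\\shell32.dll,OpenAs_RunDLL {TARGET}'},
    {"pid": 2608, "ppid": 2580,
     "image": r"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe",
     "cmdline": f'"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe" "{TARGET}"'},
]

# Per-process signature hits, copied from the report's process tree.
SIGNATURE_HITS = {
    2268: ["Suspicious use of WriteProcessMemory"],
    2580: ["Modifies registry class", "Suspicious use of WriteProcessMemory"],
    2608: ["Suspicious behavior: GetForegroundWindowSpam",
           "Suspicious use of SetWindowsHookEx"],
}

# shell32's OpenAs_RunDLL export shows the "Open with" dialog; the shell reaches it when
# the file's extension has no registered handler. The process rundll32 then spawns is the
# program picked in that dialog, not a handler the file itself selected.
OPENAS_RE = re.compile(r"shell32\.dll,OpenAs_RunDLL\s+(.+?)\s*$", re.IGNORECASE)


def find_openas_dispatches(events):
    """Return one finding per rundll32 process that ran shell32.dll,OpenAs_RunDLL.

    A finding names the file that had no handler, its extension, the process that
    triggered the dialog, and the first child rundll32 spawned (the chosen viewer).
    """
    by_pid = {e["pid"]: e for e in events}
    children = defaultdict(list)
    for e in events:
        children[e["ppid"]].append(e)

    findings = []
    for e in events:
        if ntpath.basename(e["image"]).lower() != "rundll32.exe":
            continue
        m = OPENAS_RE.search(e["cmdline"])
        if not m:
            continue
        target = m.group(1).strip('"')
        parent = by_pid.get(e["ppid"])
        spawned = children.get(e["pid"], [])
        findings.append({
            "target": target,
            "extension": ntpath.splitext(target)[1].lower(),
            "launcher": ntpath.basename(parent["image"]) if parent else None,
            "launcher_pid": e["ppid"],
            "openas_pid": e["pid"],
            "viewer": ntpath.basename(spawned[0]["image"]) if spawned else None,
            "viewer_pid": spawned[0]["pid"] if spawned else None,
        })
    return findings


def attribute_signatures(finding, hits):
    """Split signature hits between the dispatch path (launcher plus the Open With
    dialog's rundll32) and the viewer that was picked in the dialog."""
    return {
        "dispatch": list(hits.get(finding["launcher_pid"], []))
                    + list(hits.get(finding["openas_pid"], [])),
        "viewer": list(hits.get(finding["viewer_pid"], [])),
    }


if __name__ == "__main__":
    for f in find_openas_dispatches(EVENTS):
        split = attribute_signatures(f, SIGNATURE_HITS)
        print(f"{f['launcher']} (PID {f['launcher_pid']}) opened {f['extension']!r} file "
              f"via Open With; viewer chosen: {f['viewer']} (PID {f['viewer_pid']})")
        print("  dispatch-path hits:", split["dispatch"])
        print("  viewer hits:       ", split["viewer"])
```

Run against the records above it reports a single dispatch of a `.asset` file from cmd.exe with AcroRd32.exe as the chosen viewer, and places both hook/foreground-window hits on the viewer side. When reading reports like this one, that split is the check to make before treating the viewer's behaviour as evidence about the submitted file; the file is a plain game asset that Adobe Reader was simply asked to open.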

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

  • Filesize

    3KB

  • MD5

    d7ed14756505df6a72f55a20cb3abfe1

  • SHA1

    30b2b6264d6229c3b0ae5620c494e4c1ddf0e990

  • SHA256

    6f296edc2940e214dc7cbc2e6244e0998d08cd8c76b95c80fdb2f741eafd01ba

  • SHA512

    3f8805f63ba95aaf7ca7d215ad61f7e24c68e1d5bc5c214252beed4be3142c846f5d8dc4720667c9c312d2fd262be9e2aed59dfe712edcdcc3a6a571706c0744