Analysis
-
max time kernel
85s -
max time network
137s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
submitted
19-03-2024 18:27
Static task
static1
Behavioral task
behavioral1
Sample
LEON Y AGUILA.jpeg
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
LEON Y AGUILA.jpeg
Resource
win10v2004-20231215-en
General
-
Target
LEON Y AGUILA.jpeg
-
Size
59KB
-
MD5
c6c116a986ec58586d1eb208520847a8
-
SHA1
7c25c7671cc466c908e9a3b8befd6f683c2b0abc
-
SHA256
de21fa362243379fcd79e0afc1eb2190eba4f772a4ff2ef7cb08cd5131cb010b
-
SHA512
c3e84b758fb151eeb967f1fe69079d4f12b77a1c98a53570525b80409f13cfcd395647dbb130dfc36f8d11eb50283bfee3b37f545de7a4b7fdcae14178a9bd38
-
SSDEEP
1536:APT3xq7mCnTKLzn5Oc12i4AknX4B2LH14p0mOuGyk9Tuo:Ai3nTKv52i4rXi2LH14p0aGyiuo
Malware Config
Signatures
Processes (the sample is opened through rundll32.exe → PhotoViewer.dll; every other entry below is listed at the same depth marker as that viewer process rather than beneath it, so the Chrome and Windows Media Player activity is not shown here as spawned by the image)
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\LEON Y AGUILA.jpeg"1⤵PID:2116
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:21⤵PID:2444
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:81⤵PID:2704
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:81⤵PID:1976
-
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"1⤵PID:2748
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --mojo-platform-channel-handle=2180 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:11⤵PID:2396
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=1512 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:11⤵PID:592
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1724 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:21⤵PID:1336
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --mojo-platform-channel-handle=1396 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:11⤵PID:2200
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2672 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:81⤵PID:2668
-
C:\Program Files\Google\Chrome\Application\chrome.exe"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --mojo-platform-channel-handle=4056 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:11⤵PID:1612
-
C:\Program Files (x86)\Windows Media Player\wmplayer.exe"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:11⤵PID:1724
-
C:\Program Files (x86)\Windows Media Player\setup_wm.exe"C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /RunOnce:"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:12⤵PID:2348
-
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
196KB
MD5 813c1b41e435242e7365a4bcd7adcf23
SHA1 2d25e1564eaf93455640413b95646b3f88f9075b
SHA256 70cb2151ee4ef83195855d29819491a23c5eafee2e72b7ffd9041b35363d1542
SHA512 268c4fa1797700a205e37e716c1472592ad6242344645c703ab1ab8d4d68452c3ccce7cdc4d56a0b42d4061bdc793f1c79dffc397f038133387b94b2a1f4051e
-
Filesize
987B
MD5 c4233f909fd624ba595621eb8cc54fe0
SHA1 fd7a8e1b306b9f0ec0f70f93a62b1ce1cf53ed8a
SHA256 25404d5ae0d7c853d2a7c69121b3a4d5abf842543791e00917459ff3c90ee068
SHA512 b0115999e3372d6bbe5672bfda7d6df0f6fa864f0e24d9c26304b535acd8a08fc66c5dffdd41d2a1dd4de92c14543cf62814006ceada1f5d86caedc5d463792e
-
Filesize
1KB
MD5 3a7fb58e3ad340a8071b48f2d3d96691
SHA1 a1c254e1c8d861edb5ee0d08ac98a4c882e7fb5d
SHA256 b9e4eb8512d24aee9551698838e65b954c0e2c86b3cd615de93718e453cb1999
SHA512 c00bd8290a1d2ae4365fb84d6e05f3376395ffecb1841cf1bd8eef1152e2537cd495357433e07d992b6c244745ed3d65f1566dcbc6c6ef6c96beb60b29e7b490
-
Filesize
546B
MD5 df03e65b8e082f24dab09c57bc9c6241
SHA1 6b0dacbf38744c9a381830e6a5dc4c71bd7cedbf
SHA256 155b9c588061c71832af329fafa5678835d9153b8fbb7592195ae953d0c455ba
SHA512 ef1cc8d27fbc5da5daab854c933d3914b84ee539d4d2f0126dc1a04a830c5599e39a923c80257653638b1b99b0073a7174cc164be5887181730883c752ba2f99
-
Filesize
523B
MD5 d58da90d6dc51f97cb84dfbffe2b2300
SHA1 5f86b06b992a3146cb698a99932ead57a5ec4666
SHA256 93acdb79543d9248ca3fca661f3ac287e6004e4b3dafd79d4c4070794ffbf2ad
SHA512 7f1e95e5aa4c8a0e4c967135c78f22f4505f2a48bbc619924d0096bf4a94d469389b9e8488c12edacfba819517b8376546687d1145660ad1f49d8c20a744e636