Analysis

  • max time kernel
    85s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    19-03-2024 18:27

General

  • Target

    LEON Y AGUILA.jpeg

  • Size

    59KB

  • MD5

    c6c116a986ec58586d1eb208520847a8

  • SHA1

    7c25c7671cc466c908e9a3b8befd6f683c2b0abc

  • SHA256

    de21fa362243379fcd79e0afc1eb2190eba4f772a4ff2ef7cb08cd5131cb010b

  • SHA512

    c3e84b758fb151eeb967f1fe69079d4f12b77a1c98a53570525b80409f13cfcd395647dbb130dfc36f8d11eb50283bfee3b37f545de7a4b7fdcae14178a9bd38

  • SSDEEP

    1536:APT3xq7mCnTKLzn5Oc12i4AknX4B2LH14p0mOuGyk9Tuo:Ai3nTKv52i4rXi2LH14p0aGyiuo

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\LEON Y AGUILA.jpeg"
    1⤵
      PID:2116
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1160 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:2
      1⤵
        PID:2444
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:8
        1⤵
          PID:2704
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:8
          1⤵
            PID:1976
          • C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
            "C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
            1⤵
              PID:2748
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --mojo-platform-channel-handle=2180 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:1
              1⤵
                PID:2396
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=1512 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:1
                1⤵
                  PID:592
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1724 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:2
                  1⤵
                    PID:1336
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --mojo-platform-channel-handle=1396 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:1
                    1⤵
                      PID:2200
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2672 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:8
                      1⤵
                        PID:2668
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --mojo-platform-channel-handle=4056 --field-trial-handle=1224,i,10109696797317001735,11459319084755124860,131072 /prefetch:1
                        1⤵
                          PID:1612
                        • C:\Program Files (x86)\Windows Media Player\wmplayer.exe
                          "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
                          1⤵
                            PID:1724
                            • C:\Program Files (x86)\Windows Media Player\setup_wm.exe
                              "C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /RunOnce:"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
                              2⤵
                                PID:2348

                            Network

                            MITRE ATT&CK Matrix


                            Downloads

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

                              Filesize

                              196KB

                              MD5

                              813c1b41e435242e7365a4bcd7adcf23

                              SHA1

                              2d25e1564eaf93455640413b95646b3f88f9075b

                              SHA256

                              70cb2151ee4ef83195855d29819491a23c5eafee2e72b7ffd9041b35363d1542

                              SHA512

                              268c4fa1797700a205e37e716c1472592ad6242344645c703ab1ab8d4d68452c3ccce7cdc4d56a0b42d4061bdc793f1c79dffc397f038133387b94b2a1f4051e

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                              Filesize

                              987B

                              MD5

                              c4233f909fd624ba595621eb8cc54fe0

                              SHA1

                              fd7a8e1b306b9f0ec0f70f93a62b1ce1cf53ed8a

                              SHA256

                              25404d5ae0d7c853d2a7c69121b3a4d5abf842543791e00917459ff3c90ee068

                              SHA512

                              b0115999e3372d6bbe5672bfda7d6df0f6fa864f0e24d9c26304b535acd8a08fc66c5dffdd41d2a1dd4de92c14543cf62814006ceada1f5d86caedc5d463792e

                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                              Filesize

                              1KB

                              MD5

                              3a7fb58e3ad340a8071b48f2d3d96691

                              SHA1

                              a1c254e1c8d861edb5ee0d08ac98a4c882e7fb5d

                              SHA256

                              b9e4eb8512d24aee9551698838e65b954c0e2c86b3cd615de93718e453cb1999

                              SHA512

                              c00bd8290a1d2ae4365fb84d6e05f3376395ffecb1841cf1bd8eef1152e2537cd495357433e07d992b6c244745ed3d65f1566dcbc6c6ef6c96beb60b29e7b490

                            • C:\Users\Admin\AppData\Local\Temp\tmp49923.WMC\allservices.xml

                              Filesize

                              546B

                              MD5

                              df03e65b8e082f24dab09c57bc9c6241

                              SHA1

                              6b0dacbf38744c9a381830e6a5dc4c71bd7cedbf

                              SHA256

                              155b9c588061c71832af329fafa5678835d9153b8fbb7592195ae953d0c455ba

                              SHA512

                              ef1cc8d27fbc5da5daab854c933d3914b84ee539d4d2f0126dc1a04a830c5599e39a923c80257653638b1b99b0073a7174cc164be5887181730883c752ba2f99

                            • C:\Users\Admin\AppData\Local\Temp\tmp53075.WMC\serviceinfo.xml

                              Filesize

                              523B

                              MD5

                              d58da90d6dc51f97cb84dfbffe2b2300

                              SHA1

                              5f86b06b992a3146cb698a99932ead57a5ec4666

                              SHA256

                              93acdb79543d9248ca3fca661f3ac287e6004e4b3dafd79d4c4070794ffbf2ad

                              SHA512

                              7f1e95e5aa4c8a0e4c967135c78f22f4505f2a48bbc619924d0096bf4a94d469389b9e8488c12edacfba819517b8376546687d1145660ad1f49d8c20a744e636