Resubmissions

  submitted          task id               score
  25-03-2024 21:05   240325-zxdnnahe48     3/10
  25-03-2024 20:59   240325-zswcxahd77     3/10
  25-03-2024 20:56   240325-zq3dfahd45     3/10
  25-03-2024 20:51   240325-zm6xfshc96     3/10
  25-03-2024 20:45   240325-zj6ghsca7s     3/10
  25-03-2024 20:38   240325-zezs6shb67     3/10
  25-03-2024 20:36   240325-zdscpshb45     3/10

Analysis

  • max time kernel
    20s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-03-2024 20:59

General

  • Target

    Prefetch/VC_REDIST.X86.14.32.31332.0.E-F067952A.pf

  • Size

    21KB

  • MD5

    494a76d07573ceaa6014091c10ecbabc

  • SHA1

    1ecab609efaccfe33d4d9447dac202751dee1c6d

  • SHA256

    92ba91c8943d8e76f52df1f13b34a8ec1297144f522639a2fc07054ac2f06d43

  • SHA512

    3277eb2a3928ae08960a54576649f924dee6b00e5a39ff7985400d4044f456d5c58c1db3d3082fff8f9d76b051c6725677e3e6676d2cc3fff5a5cf76d0f32c00

  • SSDEEP

    384:+QB0/v8gslF3wOg0fjBPtTrHZfeqz5qJ72srb7qQbaVclf1:Tgs40PZ1fsbaV4f1

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Prefetch\VC_REDIST.X86.14.32.31332.0.E-F067952A.pf
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2612
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Prefetch\VC_REDIST.X86.14.32.31332.0.E-F067952A.pf
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2688
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Prefetch\VC_REDIST.X86.14.32.31332.0.E-F067952A.pf"
        3⤵
        • Suspicious use of SetWindowsHookEx
        PID:2464
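A note on what was actually detonated here. The target is a Windows Prefetch (.pf) file: an artifact the prefetcher writes about a program that has run, not a program itself. Its name follows the EXENAME-HASH.pf convention, where the executable name is cut at the 29-character limit of the header field (hence the trailing ".E") and F067952A is the prefetch hash of the executable's path. The Windows 7 guest has no handler for .pf, so "cmd /c <file>" fell through to the Open With dialog (rundll32 shell32.dll,OpenAs_RunDLL), which the sandbox resolved to Adobe Reader 9.0, which then tried to open a non-PDF. The three signatures and the dropped SharedDataEvents file all come from that shell/Reader chain, which is consistent with the 3/10 score. The useful way to handle a .pf sample is to parse it offline and recover the executable name, run count, last-run time and the files it touched. The parser below is an added example written for this page, not code from the sandbox vendor or from any tool it uses; the field offsets follow the publicly documented SCCA format for versions 17 (XP), 23 (Vista/7) and 26 (8.x), and Windows 10+ files (compressed, "MAM\x04" signature) are rejected rather than parsed. The sample it parses is constructed inline: the executable name and hash are lifted from the submitted filename, while the run count, timestamp and referenced paths are invented for the demo.

```python
"""Minimal Windows Prefetch (.pf) parser for uncompressed SCCA files (v17/v23/v26)."""
import struct
from datetime import datetime, timedelta, timezone
from typing import List

SIGNATURE = b"SCCA"
HEADER_SIZE = 84
EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)   # FILETIME epoch
# Absolute offsets of the last-run FILETIME and the run count per format version.
# The file-information block starts right after the 84-byte header; v26 stores
# eight last-run timestamps, of which we read the most recent (the first).
LAYOUT = {
    17: {"last_run": 0x78, "run_count": 0x90},
    23: {"last_run": 0x80, "run_count": 0x98},
    26: {"last_run": 0x80, "run_count": 0xD0},
}


def filetime_to_datetime(ft: int) -> datetime:
    """FILETIME (100 ns ticks since 1601-01-01 UTC) to aware datetime."""
    return EPOCH + timedelta(microseconds=ft // 10)


def datetime_to_filetime(dt: datetime) -> int:
    return ((dt - EPOCH) // timedelta(microseconds=1)) * 10


def is_compressed(data: bytes) -> bool:
    """Windows 10+ prefetch files are LZXPRESS-Huffman compressed with this magic."""
    return data[:4] == b"MAM\x04"


def parse_prefetch(data: bytes) -> dict:
    if is_compressed(data):
        raise ValueError("Windows 10+ compressed prefetch file: decompress before parsing")
    if len(data) < HEADER_SIZE:
        raise ValueError("too short for a prefetch header")
    version, sig, _unknown, file_size = struct.unpack_from("<I4sII", data, 0)
    if sig != SIGNATURE:
        raise ValueError(f"bad signature {sig!r}")
    if version not in LAYOUT:
        raise ValueError(f"unsupported format version {version}")
    if file_size != len(data):
        raise ValueError(f"header says {file_size} bytes, got {len(data)} (truncated or padded?)")
    # 60-byte UTF-16LE executable name: at most 29 characters plus terminator.
    executable = data[16:76].decode("utf-16-le").split("\x00", 1)[0]
    pf_hash = struct.unpack_from("<I", data, 76)[0]
    # Filename-strings offset/size live at the same place in every version.
    strings_off, strings_size = struct.unpack_from("<II", data, 100)
    blob = data[strings_off:strings_off + strings_size]
    filenames = [s for s in blob.decode("utf-16-le", errors="replace").split("\x00") if s]
    lay = LAYOUT[version]
    last_run = struct.unpack_from("<Q", data, lay["last_run"])[0]
    run_count = struct.unpack_from("<I", data, lay["run_count"])[0]
    return {
        "version": version,
        "executable": executable,
        "hash": pf_hash,
        "expected_filename": f"{executable}-{pf_hash:08X}.pf",
        "run_count": run_count,
        "last_run": filetime_to_datetime(last_run),
        "filenames": filenames,
    }


def build_prefetch_v23(executable: str, pf_hash: int, run_count: int,
                       last_run: datetime, filenames: List[str]) -> bytes:
    """Construct a minimal version-23 (Windows 7) .pf for testing; unused fields are zero."""
    if len(executable) > 29:
        raise ValueError("prefetch keeps at most 29 characters of the executable name")
    strings = "".join(f + "\x00" for f in filenames).encode("utf-16-le")
    file_info = bytearray(156)                       # v23 file-information block size
    strings_off = HEADER_SIZE + len(file_info)
    struct.pack_into("<II", file_info, 16, strings_off, len(strings))
    struct.pack_into("<Q", file_info, 44, datetime_to_filetime(last_run))
    struct.pack_into("<I", file_info, 68, run_count)
    total = strings_off + len(strings)
    header = struct.pack("<I4sII", 23, SIGNATURE, 0x11, total)
    header += executable.encode("utf-16-le").ljust(60, b"\x00")
    header += struct.pack("<II", pf_hash, 0)
    return header + bytes(file_info) + strings


# Constructed sample: name and hash from the submitted filename; the rest is invented.
SAMPLE_PF = build_prefetch_v23(
    "VC_REDIST.X86.14.32.31332.0.E", 0xF067952A, 3,
    datetime(2024, 3, 25, 20, 59, tzinfo=timezone.utc),
    [r"\DEVICE\HARDDISKVOLUME1\WINDOWS\SYSTEM32\NTDLL.DLL",
     r"\DEVICE\HARDDISKVOLUME1\WINDOWS\SYSTEM32\KERNEL32.DLL"],
)

if __name__ == "__main__":
    for key, value in parse_prefetch(SAMPLE_PF).items():
        print(f"{key:18} {value}")
```

Run it against a real Windows 7 .pf by reading the file bytes and passing them to parse_prefetch; the file-size check will flag truncated downloads, and the MAM check tells you when a Windows 10 sample needs decompressing first.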

Network

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    b382390abbc821dda78c9eba8713c0c2

    SHA1

    bee08ffcb20058fa3a2cf837b2f1f6a78da0e47c

    SHA256

    ff9003be4a7437c6732b559dfb9eb11cf3c07660e677adca0c6a318df6ccb354

    SHA512

    de63d5912c03f33c41f03cff2e6caaafd3d2f637c6c2e540dd511b4584cc129e9dc80816eda1b6421dd9e56e51402acaecbaf177b2d1b198058c028d6b58afad