Resubmissions
27-03-2024 17:10 240327-vp3klabh7y 10
27-03-2024 17:07 240327-vnfdnsbh4w 3
27-03-2024 17:03 240327-vknwmsbg61 10
Analysis
max time kernel: 90s
max time network: 92s
platform: windows11-21h2_x64
resource: win11-20240221-en
resource tags: arch:x64 arch:x86 image:win11-20240221-en locale:en-us os:windows11-21h2-x64 system
submitted: 27-03-2024 17:10
Static task
static1
Behavioral task
behavioral1
Sample
SKRIPTGG-FIVEM-main.zip
Resource
win11-20240221-en
Behavioral task
behavioral2
Sample
SKRIPTGG-FIVEM-main/README.md
Resource
win11-20240221-en
Behavioral task
behavioral3
Sample
SKRIPTGG-FIVEM-main/Skript.rar
Resource
win11-20240221-en
Behavioral task
behavioral4
Sample
launcher.exe
Resource
win11-20240221-en
Behavioral task
behavioral5
Sample
SKRIPTGG-FIVEM-main/license.dll
Resource
win11-20240221-en
General
Target: SKRIPTGG-FIVEM-main/README.md
Size: 383B
MD5: cb0b4cd4ce17d2d75fa1626447c0ef78
SHA1: bb26911f880dbb56bbcabd75e249fd861e092f3a
SHA256: 6f353b611f52ff5238c7633de9fb36d90d3e1b29fa34e0ca8a70665520a89768
SHA512: 2047d9afafec24a82152fbc3638cfbd35dcf32cb9502317b0bd7c90f0c7f008740495791583d16668a7ed224a82f8bf9068574706679f0ae147c36b07467bbe7
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Modifies registry class (2 IoCs)
Processes: cmd.exe, OpenWith.exe
description | ioc | Process
Key created | \REGISTRY\USER\S-1-5-21-1637591879-962683004-3585269084-1000_Classes\Local Settings | cmd.exe
Key created | \REGISTRY\USER\S-1-5-21-1637591879-962683004-3585269084-1000_Classes\Local Settings | OpenWith.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: OpenWith.exe
pid | Process
2012 | OpenWith.exe