Analysis

  • max time kernel
    187s
  • max time network
    257s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64 arch:x86 image:win10-20240404-en locale:en-us os:windows10-1703-x64 system
  • submitted
    09-04-2024 00:22

General

  • Target

    Wave/dist/shared/wave.d.luau

  • Size

    4KB

  • MD5

    59d632df071daad600a90dcc9b3efaa5

  • SHA1

    6272375c7a87dda2616e935e8a921e9af1fe37a3

  • SHA256

    927a1b9adfb0962908b60a70c6903a5ff72a6893760ee73db581f2c310e91eb0

  • SHA512

    d811869d50980256716733d04f4f77e9d6a223ff3c3844b513dd2826f8cb262e5011b2115c3dc4b24efb8743d5e430368b443356863fd639c4d0821c031b5e91

  • SSDEEP

    48:1BBj5GSCuv70v7xGs7OU8q47BD4B8yp5x4pbpweqY+tYmPFYknFYE7Vf52+n+iQf:/uBfCDSTEUVldH/o

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Wave\dist\shared\wave.d.luau
    • Modifies registry class
    PID:2500
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:224

Network

MITRE ATT&CK Enterprise v15
