Resubmissions

09-04-2024 07:12

240409-h1mx3ahc23 7

05-04-2024 19:43

240405-yfghjscf76 10

Analysis

  • max time kernel
    1s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240214-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240214-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    09-04-2024 07:12

General

  • Target

    BSR.pyc

  • Size

    10.5MB

  • MD5

    7a0e5fbbbaf82bbf0be66c5761dfbe7c

  • SHA1

    b837618235d17c2fee6a02f0d3eadedc8d25d549

  • SHA256

    ee4cac072df122d13ec3dfbdb1fe276a9d0193fec3b6552088eead067e36cca8

  • SHA512

    644e36d6e7d043386c78aca405dcd208d283525743cb3509c1e292875ec877e32cee792aacc107ddee1b11dcfa480319299e084d3150bb169a63a24cef4003bb

  • SSDEEP

    24:SfLFtLyxnSanyXUSanyXndzmiCCHBSanyHcXRSany+SanykSanyMo3SanyS9wSau:SfL72iCDkRZW7PvWWbrs8r

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\BSR.pyc
    • Modifies registry class
    PID:2524
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1088

Network

MITRE ATT&CK Enterprise v15
