Analysis
-
max time kernel
1s -
platform
windows11-21h2_x64 -
resource
win11-20240214-en -
resource tags
arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system -
submitted
09-04-2024 07:12
Behavioral task
behavioral1
Sample
Black Myth Wukong 64-bit.exe
Resource
win11-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
BSR.pyc
Resource
win11-20240214-en
3 signatures
150 seconds
General
-
Target
BSR.pyc
-
Size
10.5MB
-
MD5
7a0e5fbbbaf82bbf0be66c5761dfbe7c
-
SHA1
b837618235d17c2fee6a02f0d3eadedc8d25d549
-
SHA256
ee4cac072df122d13ec3dfbdb1fe276a9d0193fec3b6552088eead067e36cca8
-
SHA512
644e36d6e7d043386c78aca405dcd208d283525743cb3509c1e292875ec877e32cee792aacc107ddee1b11dcfa480319299e084d3150bb169a63a24cef4003bb
-
SSDEEP
24:SfLFtLyxnSanyXUSanyXndzmiCCHBSanyHcXRSany+SanykSanyMo3SanyS9wSau:SfL72iCDkRZW7PvWWbrs8r
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 2 IoCs
Processes:
cmd.exeOpenWith.exedescription ioc process Key created \REGISTRY\USER\S-1-5-21-2567984660-2719943099-2683635618-1000_Classes\Local Settings cmd.exe Key created \REGISTRY\USER\S-1-5-21-2567984660-2719943099-2683635618-1000_Classes\Local Settings OpenWith.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
OpenWith.exepid process 1088 OpenWith.exe