Resubmissions

10/04/2024, 07:38

240410-jgk5ssgb59 3

10/04/2024, 07:38

240410-jgchnabd4s 1

10/04/2024, 07:37

240410-jf7meagb38 1

10/04/2024, 07:37

240410-jfza2abc9v 1

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    10/04/2024, 07:38

General

  • Target

    7.png

  • Size

    383KB

  • MD5

    3ac46a4ffb1d1890abaeb2e09e852883

  • SHA1

    a318dd6fa25ce65047ec7b4e3fc3883f202fc759

  • SHA256

    3f44fa72996fb84dcb6d783f07b95ff6d641aa16d806cf37778209ca81b0b3b2

  • SHA512

    25f7a7def5f8fbef5e4f533c0883901730dddbee720ec4a1123a068c87883a4c07cdcd12f0b02836acd34c7483a78f29f4791bb78055b73e8be266bb8b5a7691

  • SSDEEP

    6144:UbSFVmBkfluiXlq6FlghBLywrrNHmGR3tk+FevMiRV6hYfCeY1qYYddl3CNZ2Oxj:A0mifsicolghBLyw1m2tk+AnV6hYbYb3

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\7.png
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:1952

Network

MITRE ATT&CK Enterprise v15


Downloads

  • memory/1952-0-0x0000000000310000-0x0000000000311000-memory.dmp

    Filesize

    4KB

  • memory/1952-1-0x0000000000310000-0x0000000000311000-memory.dmp

    Filesize

    4KB