Overview

overview

10

Static

static

10

possible malware.zip

windows7-x64

1

possible malware.zip

windows10-2004-x64

1

Malware-Fe...afa11b

windows7-x64

1

Malware-Fe...afa11b

windows10-2004-x64

1

Malware-Fe...DME.md

windows7-x64

3

Malware-Fe...DME.md

windows10-2004-x64

3

Malware-Fe...368967

windows7-x64

1

Malware-Fe...368967

windows10-2004-x64

1

Malware-Fe...DME.md

windows7-x64

3

Malware-Fe...DME.md

windows10-2004-x64

3

Malware-Fe...c43893

windows7-x64

1

Malware-Fe...c43893

windows10-2004-x64

1

Malware-Fe...aaa686

windows7-x64

1

Malware-Fe...aaa686

windows10-2004-x64

1

Malware-Fe...9f9f90

windows7-x64

1

Malware-Fe...9f9f90

windows10-2004-x64

1

Malware-Fe...DME.md

windows7-x64

3

Malware-Fe...DME.md

windows10-2004-x64

3

Malware-Fe...DME.md

windows7-x64

3

Malware-Fe...DME.md

windows10-2004-x64

3

Malware-Fe...DME.md

windows7-x64

3

Malware-Fe...DME.md

windows10-2004-x64

3

Malware-Fe...DME.md

windows7-x64

3

Malware-Fe...DME.md

windows10-2004-x64

3

Malware-Fe...DME.md

windows7-x64

3

Malware-Fe...DME.md

windows10-2004-x64

3

Malware-Fe...ff77d8

windows7-x64

1

Malware-Fe...ff77d8

windows10-2004-x64

1

Malware-Fe...f5860a

windows7-x64

1

Malware-Fe...f5860a

windows10-2004-x64

1

Malware-Fe...aa65d0

windows7-x64

1

Malware-Fe...aa65d0

windows10-2004-x64

1

Analysis

  • max time kernel
    107s
  • max time network
    82s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13/04/2024, 01:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Malware-Feed-master/2020.07.28_FBI-FLASH-MI-000130-MW/README.md

  • Size

    72B

  • MD5

    0527842fbf758cbe02a4d1417250a3d3

  • SHA1

    33ec0d879781a26c800b823d13b6dcd228900be1

  • SHA256

    0c8668604e05ae2e1d1d369ae5992f61a0f625e0714730b10b1e13e849f699ca

  • SHA512

    b9d49bb1af83ec183eb32e37bad6eafc0726003fff8fa6788a06bf9bbdd16e08e461f90aa063a3e59d08208beedf893750e10fcd1aaa8f77cfacf38a080c53a4

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Malware-Feed-master\2020.07.28_FBI-FLASH-MI-000130-MW\README.md
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Malware-Feed-master\2020.07.28_FBI-FLASH-MI-000130-MW\README.md
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2916
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Malware-Feed-master\2020.07.28_FBI-FLASH-MI-000130-MW\README.md"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2420

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    0fb0607d1e25a0a3d3fd563ab8942974

    SHA1

    eb7bc0a90c3f544d09528d4fd77af8e350ba168c

    SHA256

    882fa1ce46bdbc434637d3d957c5e787095d2182386e9eaa7ae5363ce3f8c5d6

    SHA512

    d1d9546f4fc7bc4ff067178178c504a96196e65197c35c2e2d82cb48b24b78b80ef2c9e6fb1ecf49e7fb62bcfdc138762dd82a4556129d40ca5eb8a3c46c0a4b

    Download Submit