Analysis

  • max time kernel
    107s
  • max time network
    82s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/04/2024, 01:05 UTC

General

  • Target

    Malware-Feed-master/2020.07.28_FBI-FLASH-MI-000130-MW/README.md

  • Size

    72B

  • MD5

    0527842fbf758cbe02a4d1417250a3d3

  • SHA1

    33ec0d879781a26c800b823d13b6dcd228900be1

  • SHA256

    0c8668604e05ae2e1d1d369ae5992f61a0f625e0714730b10b1e13e849f699ca

  • SHA512

    b9d49bb1af83ec183eb32e37bad6eafc0726003fff8fa6788a06bf9bbdd16e08e461f90aa063a3e59d08208beedf893750e10fcd1aaa8f77cfacf38a080c53a4

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Malware-Feed-master\2020.07.28_FBI-FLASH-MI-000130-MW\README.md
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2644
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Malware-Feed-master\2020.07.28_FBI-FLASH-MI-000130-MW\README.md
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2916
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Malware-Feed-master\2020.07.28_FBI-FLASH-MI-000130-MW\README.md"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2420

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0fb0607d1e25a0a3d3fd563ab8942974

    SHA1

    eb7bc0a90c3f544d09528d4fd77af8e350ba168c

    SHA256

    882fa1ce46bdbc434637d3d957c5e787095d2182386e9eaa7ae5363ce3f8c5d6

    SHA512

    d1d9546f4fc7bc4ff067178178c504a96196e65197c35c2e2d82cb48b24b78b80ef2c9e6fb1ecf49e7fb62bcfdc138762dd82a4556129d40ca5eb8a3c46c0a4b
