Analysis

  • max time kernel
    1s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240412-en locale:en-us os:windows10-2004-x64 system
  • submitted
    19-04-2024 14:57

General

  • Target

    assets/minecraft/lang/es_cl.json

  • Size

    19KB

  • MD5

    a3f2e083d8b639e90619e1483b32d2ca

  • SHA1

    cfb647683f859305f4ae8a0e0059b7beec501cae

  • SHA256

    0ec572cc8011e398290feeecf4ab3b00545963e86109cb1771c45b3c8c49a21e

  • SHA512

    54ccb06a4324e0d6fce0c066ba175a49ee6d4ecb882b3ea9d870eec82384a6001edc5f4fea808b88c61bf1af1829906e16697a8ffd4732548015eb492c8b84c1

  • SSDEEP

    192:rV7bDuuHVz+kM6kDsNlVjSPJLF9tGjmLbIDJpKFBf6YOZihALlc+In6hxBfJFqAc:ZjuuHV66kDsQPJxpIDJp5mnAyAimi

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTPs)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (2 IoCs)
  • Suspicious use of SetWindowsHookEx (1 IoCs)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\assets\minecraft\lang\es_cl.json
    • Modifies registry class
    PID:3104
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2344

Network

MITRE ATT&CK Enterprise v15
