Overview

overview

8

Static

static

8

Prometheus-main.zip

windows7-x64

1

Prometheus-main.zip

windows10-2004-x64

1

Prometheus...s/cert

windows7-x64

1

Prometheus...s/cert

windows10-2004-x64

1

Prometheus...eg.key

windows7-x64

3

Prometheus...eg.key

windows10-2004-x64

3

Prometheus...ts.txt

windows7-x64

1

Prometheus...ts.txt

windows10-2004-x64

1

Prometheus...on.txt

windows7-x64

1

Prometheus...on.txt

windows10-2004-x64

1

Prometheus...s/hash

windows7-x64

1

Prometheus...s/hash

windows10-2004-x64

1

Prometheus...on.ico

windows7-x64

3

Prometheus...on.ico

windows10-2004-x64

3

Prometheus...me.txt

windows7-x64

1

Prometheus...me.txt

windows10-2004-x64

1

Prometheus...g.json

windows7-x64

3

Prometheus...g.json

windows10-2004-x64

3

Prometheus...pt.ion

windows7-x64

3

Prometheus...pt.ion

windows10-2004-x64

3

Prometheus...er.htm

windows7-x64

1

Prometheus...er.htm

windows10-2004-x64

1

Prometheus...ar.txt

windows7-x64

1

Prometheus...ar.txt

windows10-2004-x64

1

Prometheus...32.png

windows7-x64

3

Prometheus...32.png

windows10-2004-x64

3

Prometheus...48.png

windows7-x64

3

Prometheus...48.png

windows10-2004-x64

3

Prometheus...64.png

windows7-x64

3

Prometheus...64.png

windows10-2004-x64

3

Prometheus...es.lst

windows7-x64

3

Prometheus...es.lst

windows10-2004-x64

Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    23-04-2024 22:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Prometheus-main/Prometheus/env/Scripts/dist/RarFiles.lst

  • Size

    1KB

  • MD5

    eb527f9c93ea1582a4bd650378832fb2

  • SHA1

    568c73973ec190b9fa665e1e7a5649a376314132

  • SHA256

    ca48d2cc23ff761946eb1077bb64522af4238c5340cdd41089cee164b38be494

  • SHA512

    2eafff6f42b1d925f10cbdd63b1940198ecbdb84996be35ecc0c5c488e963e95290c97845c712c85108f3344ca81946f63c9bbe0abaa473bfae1aa9019c6fe58

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Prometheus-main\Prometheus\env\Scripts\dist\RarFiles.lst
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:764
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Prometheus-main\Prometheus\env\Scripts\dist\RarFiles.lst
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2600
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Prometheus-main\Prometheus\env\Scripts\dist\RarFiles.lst"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2584

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    48b3af241b294ce0ca4d402d8a7cfd14

    SHA1

    2df4e1523a6b46da46553f6fc7dc5316e4eaa4e0

    SHA256

    ed98ce78f8534fd6cd9ccbf92fb02a069cbc65402e555face1ecc761c3313c3d

    SHA512

    70f9e80c89b12858c4620abae0e3f15568eb2c5ce956d44a082c294887d2a55210aa37ce62fb9bfcf352663d7cbd9c14f0fc024c9dd85cc4211c1c2100c94181

    Download Submit