Overview

overview

3

Static

static

1

stroop-master.zip

windows11-21h2-x64

1

stroop-mas...x.html

windows11-21h2-x64

1

stroop-mas...ers.js

windows11-21h2-x64

1

stroop-mas...oop.js

windows11-21h2-x64

1

stroop-mas...oop.py

windows11-21h2-x64

3

stroop-mas...run.py

windows11-21h2-x64

3

stroop-mas...s.xlsx

windows11-21h2-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240412-en
  • resource tags

    arch:x64arch:x86image:win11-20240412-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    23-04-2024 15:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    stroop-master/stroop_lastrun.py

  • Size

    16KB

  • MD5

    b4bd22ca7a59ac2691de4d2378f4b916

  • SHA1

    744183a77b3d31ab9d5183aed3141936d70a18e3

  • SHA256

    8cd8aeac310020d007ec5e468d63b7aa9456db94298fc2f6a266d1b33985caa5

  • SHA512

    37f1df8960d44719429b5db6c139710d355f9f49fc04cd2c207242290b592afd07cc62cd7ddaee6905ad9b0337387b2e4ab76847525724519b444dee51a9ccb7

  • SSDEEP

    384:2HiTOzL3oPCmel3873XQs0efdsbXhAPHPWWSr1zaK:2CizgCmep873XQ5efWbXh6H+WSrJx

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\stroop-master\stroop_lastrun.py
    1⤵
    • Modifies registry class
    PID:5060
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3876

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads