Overview

overview

10

Static

static

3

@!#SETUP_F..._$.rar

windows11-21h2-x64

3

Setup.exe

windows11-21h2-x64

10

acdbase.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

api-ms-win...-0.dll

windows11-21h2-x64

1

epiphragm.psd

windows11-21h2-x64

3

libmmd.dll

windows11-21h2-x64

1

sulphanilamide.yaml

windows11-21h2-x64

3

updater.exe

windows11-21h2-x64

1

vcruntime140.dll

windows11-21h2-x64

1

x64/App.xbf

windows11-21h2-x64

3

x64/AzureK...ib.dll

windows11-21h2-x64

1

x64/BugReporter.exe

windows11-21h2-x64

1

x64/ComExtractor.exe

windows11-21h2-x64

1

x64/Micros...st.dll

windows11-21h2-x64

1

x64/Micros...ml.dll

windows11-21h2-x64

1

x64/Repack...ge.xbf

windows11-21h2-x64

3

x64/WinUiB...er.dll

windows11-21h2-x64

1

x64/api-ms...-0.dll

windows11-21h2-x64

1

x64/resources.pri

windows11-21h2-x64

3

x86/App.xbf

windows11-21h2-x64

3

x86/MessagesList.xbf

windows11-21h2-x64

3

x86/Repack...st.xml

windows11-21h2-x64

1

x86/StartPage.xbf

windows11-21h2-x64

3

x86/sccm.V...st.xml

windows11-21h2-x64

x86/updater.ini

windows11-21h2-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    150s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240419-en
  • resource tags

    arch:x64arch:x86image:win11-20240419-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    28-04-2024 17:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sulphanilamide.yaml

  • Size

    77KB

  • MD5

    68acfc368c5fb4c1523bbe7894e75b9f

  • SHA1

    1f5895cfab8a22eb55e077f04525dc7fd25c1049

  • SHA256

    391bcd9c7df6e29fb4262be92ba02aab4019cdb138a3e5c962035db26ffc1f72

  • SHA512

    7361cd7748d848aa9352fd4749acbe36fba02fe3ac2d8773cbc536011abf97fc90a8a2414c2b57eed90a86c5942201df0e2ef32c5ab3045fd0a1dafdbe896d7f

  • SSDEEP

    768:A+s/A/Q9sYz7ObmTURWzr9dGA72Cv2dGFWrNPnDqN/acXmA2r+HbvD6h0s7BtlxM:FscXYejO/D8N70BE/7rimRS9OErr

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\sulphanilamide.yaml
    1⤵
    • Modifies registry class
    PID:2596
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:924

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads