Analysis
-
max time kernel
140s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
-
submitted
08/05/2024, 15:37
General
-
Target
filezilla.exe
-
Size
4.0MB
-
MD5
79cef3c9de232d1f58f0e26292376584
-
SHA1
2dd2ab98e8fcf5c720bf3618a3a0b84666ca191d
-
SHA256
26d717e65101b0ccd5d491c406f76a216381410890508d3d154d5aa073698887
-
SHA512
2378c3ea857cbf0ff8b14c7984a0237613533c7f6451bed1ba8e09aeb71ab4c35b7f37f7298259a67467d40925cad4a4e8baf556444215ab84ec9ea4856246c4
-
SSDEEP
49152:o7BUd0rZmYl3zoN/SXsS9BsF91aVi5WgLli6RbJjwKwam6+I8qzPqS6RxC5UIcOM:gZE/cBstwjein2Vj8B
Score
7/10
Malware Config
Signatures
-
Reads data files stored by FTP clients 2 TTPs
Tries to access configuration files associated with programs like FileZilla.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\filezilla.exe"C:\Users\Admin\AppData\Local\Temp\filezilla.exe"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.4MB
-
Filesize
632KB
-
Filesize
340KB
-
Filesize
292KB
-
Filesize
1.8MB
-
Filesize
744KB
-
Filesize
956KB
-
Filesize
2.1MB
-
Filesize
1.2MB
-
Filesize
256KB
-
Filesize
5.0MB
-
Filesize
520KB
-
Filesize
164KB
-
Filesize
1.9MB
-
Filesize
132KB
-
Filesize
656KB
-
Filesize
252KB
-
Filesize
4.1MB
-
Filesize
1.8MB