Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
13/05/2024, 14:37
General
-
Target
geode/resources/geode.loader/BlankSheet-hd.png
-
Size
582KB
-
MD5
029f655bef88cd05e1a386bcdcd2839f
-
SHA1
0edf5c41a63a4b5fa82b68cdb77383f47bb28299
-
SHA256
77320b37724b17058f1b9409a9ee23d6ba839af455a9cfe576af910aa8eff78d
-
SHA512
cbf53aa5814b64738054c0c2b8ef753ed3bccdf00a6a44fa4ab135734a949fcae323b0abfb8af4416b7c6d97da40fa1165f16e97ca7db5c9dcd6f17ca8fcbe9b
-
SSDEEP
12288:oEF0HUg2OxEak3rPYYq/K2aF1nY3LyIVF2PEq2uAxvU+1rf:oELOeXrPTqK2annMLyoF2PH2JZUaf
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes
-
C:\Windows\System32\rundll32.exeC:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\geode\resources\geode.loader\BlankSheet-hd.png1⤵
- Suspicious use of FindShellTrayWindow
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
4KB