Analysis Overview
SHA256
2d6eb433e813b2a938e494408091a0a5453248214951e548140f199f3e8c60cb
Threat Level: Likely benign
The file sorry your not sigma.png was found to be: Likely benign.
Malicious Activity Summary
Enumerates physical storage devices
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-05-14 16:25
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-14 16:25
Reported
2024-05-14 16:32
Platform
win7-20240419-en
Max time kernel
122s
Max time network
123s
Command Line
Signatures
Processes
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\sorry your not sigma.jpg"
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-14 16:25
Reported
2024-05-14 16:32
Platform
win10v2004-20240508-en
Max time kernel
216s
Max time network
277s
Command Line
Signatures
Enumerates physical storage devices
Processes
C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\sorry your not sigma.jpg"
Network