Analysis

  • max time kernel
    123s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20-05-2024 23:11

General

  • Target

    freshwomen-season-2-episode-2-part-3-pc-720p-compressed/lib/python2.7/BaseHTTPServer.pyo

  • Size

    22KB

  • MD5

    17a30466cbfbed83fe96d52d029e4bf6

  • SHA1

    8828b7b43360184f57bff03fafee2f2c9962c2e4

  • SHA256

    122bc148794e6781fbc177e308ac15554ab2d3cc61607f76ffe9bc3b8784a1f0

  • SHA512

    51dbdc7312809c4c7576874056bb81b764049727021fa57ff77a0b6c3e5becb9f7f269f2c6e422076c293b9fd437c53a15cc6f6e7a88ed309eb735863b783f44

  • SSDEEP

    384:LphmB/EgvQlR4Cy9VLFvJYVQ4mfazUMYdpKm66R+TlHZ0eGEFgyogj2N:LphmB/1vmEHh0Qozx/m66R+B50eGEFPm

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\freshwomen-season-2-episode-2-part-3-pc-720p-compressed\lib\python2.7\BaseHTTPServer.pyo
    • Modifies registry class
    PID:452
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4796

Network

MITRE ATT&CK Enterprise v15
