Overview

overview

4

Static

static

1

Cisco's Fa...4b.zip

windows10-1703-x64

1

manifest.json

windows10-1703-x64

3

modlist.html

windows10-1703-x64

4

overrides/...t.toml

windows10-1703-x64

3

overrides/...n.toml

windows10-1703-x64

3

overrides/...ks.cfg

windows10-1703-x64

3

overrides/...g.json

windows10-1703-x64

3

overrides/...er.png

windows10-1703-x64

3

overrides/...er.png

windows10-1703-x64

3

overrides/...er.png

windows10-1703-x64

3

overrides/...t.toml

windows10-1703-x64

3

overrides/...n.toml

windows10-1703-x64

3

overrides/...t.toml

windows10-1703-x64

3

overrides/...n.toml

windows10-1703-x64

3

overrides/...n.toml

windows10-1703-x64

3

overrides/...n.toml

windows10-1703-x64

3

overrides/...r.toml

windows10-1703-x64

3

overrides/...t.toml

windows10-1703-x64

3

overrides/...n.toml

windows10-1703-x64

3

overrides/...r.toml

windows10-1703-x64

3

overrides/...ns.txt

windows10-1703-x64

1

overrides/...t.json

windows10-1703-x64

3

overrides/...n.toml

windows10-1703-x64

3

overrides/...s.toml

windows10-1703-x64

3

overrides/...ple.js

windows10-1703-x64

3

overrides/...erties

windows10-1703-x64

3

overrides/...erties

windows10-1703-x64

3

overrides/...ple.js

windows10-1703-x64

3

overrides/...mod.js

windows10-1703-x64

3

overrides/...ple.js

windows10-1703-x64

3

overrides/...rt.zip

windows10-1703-x64

1

overrides/...sco.zs

windows10-1703-x64

3

Analysis

  • max time kernel
    133s
  • max time network
    141s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    20-05-2024 05:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    manifest.json

  • Size

    24KB

  • MD5

    969ee9987cc0b322ce2db252c198997c

  • SHA1

    f1a48b60805da232cf16f8659bcf86993864f757

  • SHA256

    94b7aefab3ce7a211ba00192d2df04530fe11634a2ecf65d861eb6be354b68cf

  • SHA512

    a7fa9ae1f347d5e12cfb8d5e790de75b4610919da2f2825a674229b4bfbbd5f7527493f9c145ae746ac58fea80455330c09e80972b380aedf984f07d92eb3283

  • SSDEEP

    192:wZwIY3tXSGf1JVYI9Y8x2Fde6OlJplBCfcWflrOhRderpoXSpPCvCu4DzuJyQVL/:XFYwQRG

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\manifest.json
    1⤵
    • Modifies registry class
    PID:1352
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads