Resubmissions

21-05-2024 14:43

240521-r3mvhshd83 3

21-05-2024 14:40

240521-r1yh8shd44 7

21-05-2024 14:37

240521-ry949ahe2z 7

21-05-2024 14:34

240521-rxpf6ahd6w 3

21-05-2024 14:31

240521-rvybaahb79 7

Analysis

  • max time kernel
    18s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    21-05-2024 14:43

General

  • Target

    Some Problems/Copy of -Cob4SIulRH8f_w5vJVEJMEOSqJ2qJP-4vkmrg2Xnz7xlvli_ONNtb-HEkbY.c9r

  • Size

    340KB

  • MD5

    61786f07257333aca8c404188a97cb9e

  • SHA1

    af6a6e292412429edf44487b4a79bab4e69e9fda

  • SHA256

    2fc1ebf53614c56ca8447e567c59da447425701387787c33c4cf8c6621005f43

  • SHA512

    253d1f716ddf2cbdc8cad18f44db540bc8e2253cfc815be2410a564080b5dff814c72cad4a61cfbcb145ac79e2bd844d25efa1865319b6ca77b854122ffcaaf1

  • SSDEEP

    6144:JGFRYS1/2viji3T/w7XOS6qXcZ4yTz/L1kf4syDNP93pDlDuYagwD34rOOFK6lBS:Jo/kMuwTr6qZyTP1g4fFYhg1rOOxC

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Some Problems\Copy of -Cob4SIulRH8f_w5vJVEJMEOSqJ2qJP-4vkmrg2Xnz7xlvli_ONNtb-HEkbY.c9r"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Some Problems\Copy of -Cob4SIulRH8f_w5vJVEJMEOSqJ2qJP-4vkmrg2Xnz7xlvli_ONNtb-HEkbY.c9r
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2592
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Some Problems\Copy of -Cob4SIulRH8f_w5vJVEJMEOSqJ2qJP-4vkmrg2Xnz7xlvli_ONNtb-HEkbY.c9r"
        3⤵
        • Suspicious use of SetWindowsHookEx
        PID:2572

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    7318d567a83eadd8745b808801184451

    SHA1

    f12bfde4a1808086402b35937eaf35eb619ede90

    SHA256

    98de4c915734116fbdf874388420d52585c62bd280b2f8a92f54dda2ef900adf

    SHA512

    6e006ed6221b6b38131658c9f175db464d60bd9c29fa6a47de006221d74289a3903ed0da5e571154c2d91613c390261c1430606f6f8b5431711a65b174a63b68