Resubmissions
21/05/2024, 14:43
240521-r3mvhshd83 321/05/2024, 14:40
240521-r1yh8shd44 721/05/2024, 14:37
240521-ry949ahe2z 721/05/2024, 14:34
240521-rxpf6ahd6w 321/05/2024, 14:31
240521-rvybaahb79 7Analysis
-
max time kernel
18s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
-
submitted
21/05/2024, 14:43
General
-
Target
Some Problems/Copy of SNd4-9txzdskyzcF7Lic-BdLhYfwnmWzra9vRxxqAlmnzRUo5xO-uxEdwjJvnk5khc3UqH9ds4I=.c9r
-
Size
658KB
-
MD5
dcdf8fa40f05623a3ed398a3894be7d2
-
SHA1
a9c8c435acf14235c430a069ecf057a2c886b673
-
SHA256
15332cd7d7f27f6d7f9dac14d3b2f4d202999b34f31c5704293e3e2ec1b0c6aa
-
SHA512
e410e08fb7b2cb9caed7ecbdbbbfea22f8c7058854a80030b9fe5e673aeb695fda67b82cb860324df5af59e5ef5e1c5af319a8badcc0c9fe9be350606bf59c80
-
SSDEEP
12288:wdHeIhHngDmvY2JWAEYXTHcYr37jN4QDrAKCIQ+y08XmrF4p/n1xe0+KyuUL8Gm:wMGHnCmvMAE2ZSGCIQB08UF4/uKyJL8h
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 9 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\Some Problems\Copy of SNd4-9txzdskyzcF7Lic-BdLhYfwnmWzra9vRxxqAlmnzRUo5xO-uxEdwjJvnk5khc3UqH9ds4I=.c9r"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Some Problems\Copy of SNd4-9txzdskyzcF7Lic-BdLhYfwnmWzra9vRxxqAlmnzRUo5xO-uxEdwjJvnk5khc3UqH9ds4I=.c9r2⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Some Problems\Copy of SNd4-9txzdskyzcF7Lic-BdLhYfwnmWzra9vRxxqAlmnzRUo5xO-uxEdwjJvnk5khc3UqH9ds4I=.c9r"3⤵
- Suspicious use of SetWindowsHookEx
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5f2ee01f6ab6c007841c9489901599a37
SHA1f5ff01ebacb51657815d3b2cf2f2f9c3a855adb5
SHA2562e7e0f32b7f0a406bd118b4f76cb17d6799599256fa8896c4e209d5d737d83d3
SHA512b1b7c527fb1b688869311927b7ced778bfe94db5495a7b2a16d595ece4d5fa099bf17df7c471ca99691d2c9dad412a1d4ac89fc4b4fd21fbf07f152c4053b05e