Analysis
-
max time kernel
146s -
max time network
150s -
platform
windows11-21h2_x64 -
resource
win11-20240508-en -
resource tags
-
submitted
21-05-2024 14:45
General
-
Target
96f224a35bde7bb16ddfdbeac3a07f92.jpg
-
Size
5KB
-
MD5
32163edd3e4b714041f3d9cd885eaa6f
-
SHA1
3b1bfd95bead7de606f45cdf4905598ecd53d10c
-
SHA256
adfa52c75a4699a7b2c7aa7baf8e25158e1111f8aff2d08b7015731f6cba2ab6
-
SHA512
95df44ebce66c86dc9a2cc41dafe004ececc26ffa864cc3e06432b204c26a974b8ef01531f88c9dfee0524f37ca792f269e3a88c818f237d08b61f69abe85717
-
SSDEEP
96:aICpQswnb63APRRxY7YtZ3LITY5lGGMl9Xz4zoyOYWPt7efIoB6Kds6:cp+ntxZtJMTY5kjr190fI8ds6
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\96f224a35bde7bb16ddfdbeac3a07f92.jpg1⤵
-
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
-
C:\Windows\system32\svchost.exeC:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc1⤵
-
C:\Windows\system32\SystemSettingsAdminFlows.exe"C:\Windows\system32\SystemSettingsAdminFlows.exe" EnterProductKey1⤵
- Suspicious use of SetWindowsHookEx