Analysis

  • max time kernel
    90s
  • max time network
    99s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win11-20240508-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    28/05/2024, 14:53

General

  • Target

    MM2DUPE.rar

  • Size

    1.4MB

  • MD5

    393710cbca247af09361b42ecd4707ae

  • SHA1

    bf82dc316019c86b22201c8df2f4b074fad0c122

  • SHA256

    ea50def0dd932594fe6430faa97af3b0c8ea9ac388e2ce8bce2a8b955562592a

  • SHA512

    aad83e3dc0f4cbe79fe3b157eb1581ff3f635a28b3651643f674b20180d7a8caf6dad694589dab0e6a10af61ed1389599bf545dda91d60c3a1f4991e317a65e1

  • SSDEEP

    24576:+5+B3ODgn3LXQW58/f8jpohKRb51ksm4+d74oKPwEfOjTEC9YNGkgOFod1h6s2P0:+5SOs3LgW5zOhKR91kYk4oCfMv96GJO2

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (2 IoCs)
  • Suspicious use of SetWindowsHookEx (1 IoC)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\MM2DUPE.rar
    • Modifies registry class
    PID:1924
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2984

Network

MITRE ATT&CK Enterprise v15
