Analysis Overview
SHA256
c04c044f9f18a87f1a237d2b1d4d8a1e0cc41f01d6dbf8fb9de41efca1cde0d6
Threat Level: Likely benign
The file windowsdesktop-runtime-6.0.31-win-x64_768f34b688c81595d2044a44776eafabb7747f33.exe.json was found to be: Likely benign.
Malicious Activity Summary
Enumerates physical storage devices
Modifies registry class
Suspicious use of SetWindowsHookEx
Analysis: static1
Detonation Overview
Reported
2024-05-29 07:46
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-29 07:46
Reported
2024-05-29 07:47
Platform
win11-20240426-en
Max time kernel
14s
Signatures
Enumerates physical storage devices
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1230210488-3096403634-4129516247-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\windowsdesktop-runtime-6.0.31-win-x64_768f34b688c81595d2044a44776eafabb7747f33.exe.json
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding