Analysis

  • max time kernel
    16s
  • max time network
    15s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    01/06/2024, 22:27

General

  • Target

    PowerPoint2019.exe

  • Size

    6.5MB

  • MD5

    c3620e9657a704903157e9707b02b2d8

  • SHA1

    e30903347c6fbba03834af5e705e2b841f8721a3

  • SHA256

    31bac7c4a88b71ff54bd7a03b939394d906e7c6765d9dc84161996208376d9d2

  • SHA512

    aa784a9ce5c45b9bdccaf362bb9a29b1c0da32ebd15d6d229432506ed02483dddfc9cc14c4977386e03a2a07e2b44ef55aa85368ae632c462ea8443e148c3924

  • SSDEEP

    196608:Sa5MXOZ5S5CGZuU+tUSMiiFWZ6OkMcn2p7l5Xa7e:keZ5SzuRtBYq6OkMf5XF

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PowerPoint2019.exe
    "C:\Users\Admin\AppData\Local\Temp\PowerPoint2019.exe"
    • Suspicious use of FindShellTrayWindow
    PID:2664

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\IF{441EFBC5-D565-4908-A728-797E02545284}\headerImage.dat

          Filesize

          23KB

          MD5

          8aec27d9a6737123f40228c85aa35744

          SHA1

          41e56bee448fe55513f51e74ac27b2352e49b77b

          SHA256

          0ed07e51afe68580962295696e67d64b3cd0831e1b8c8a04854e409eb40f8959

          SHA512

          3b7aa6a0de08eb1f423f26f45ad8469af169156a5da449e10c93d3dadc8b57315f1e4e08f67c06b63e19fd55d374918f2d00ad2738718a1d8565d82773181be9