Malware Analysis Report

2024-11-15 05:10

Sample ID 240606-wxpt5shg71
Target Screenshot 2024-06-06 2.11.52 PM.png
SHA256 b9e13c4a3c311e4f4320a65072c756abf884eae4575a08f856bc61d0148b36ff
Tags
score
1/10

Analysis Overview

score
1/10

SHA256

b9e13c4a3c311e4f4320a65072c756abf884eae4575a08f856bc61d0148b36ff

Threat Level: No (potentially) malicious behavior was detected

The file Screenshot 2024-06-06 2.11.52 PM.png was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-06 18:18

Signatures

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-06 18:18

Reported

2024-06-06 18:22

Platform

debian9-mipsbe-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-06 18:18

Reported

2024-06-06 18:22

Platform

debian9-mipsel-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-06 18:18

Reported

2024-06-06 18:52

Platform

win7-20240508-en

Max time kernel

1563s

Max time network

1568s

Command Line

C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-06-06 2.11.52 PM.png"

Signatures

N/A

Processes

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\Screenshot 2024-06-06 2.11.52 PM.png"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-06 18:18

Reported

2024-06-06 18:22

Platform

ubuntu1804-amd64-20240508-en

Max time kernel

0s

Command Line

[/tmp/Screenshot 2024-06-06 2.11.52 PM.png]

Signatures

N/A

Processes

/tmp/Screenshot 2024-06-06 2.11.52 PM.png

[/tmp/Screenshot 2024-06-06 2.11.52 PM.png]

Network

N/A

Files

N/A

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-06 18:18

Reported

2024-06-06 18:22

Platform

debian9-armhf-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A