Malware Analysis Report

2025-01-18 01:41

Sample ID 240613-kbtqes1cmf
Target Untitled attachment 00003.png
SHA256 14c5701e5d387ed18f7d2aaa9251513e184a7ae42f6c8aa2151f2ca66a2caed5
Tags
score
3/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
3/10

SHA256

14c5701e5d387ed18f7d2aaa9251513e184a7ae42f6c8aa2151f2ca66a2caed5

Threat Level: Likely benign

The file Untitled attachment 00003.png was found to be: Likely benign.

Malicious Activity Summary


Enumerates physical storage devices

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-13 08:26

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 08:26

Reported

2024-06-13 08:28

Platform

win7-20240508-en

Max time kernel

119s

Max time network

123s

Command Line

C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00003.png"

Signatures

N/A

Processes

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00003.png"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 08:26

Reported

2024-06-13 08:28

Platform

win10v2004-20240508-en

Max time kernel

147s

Max time network

151s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00003.png"

Signatures

Enumerates physical storage devices

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\Untitled attachment 00003.png"

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp

Files

N/A