Overview

overview

7

Static

static

3

Motrix-Set...19.exe

windows7-x64

7

Motrix-Set...19.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDIR/app-32.7z

windows7-x64

3

$PLUGINSDIR/app-32.7z

windows10-2004-x64

3

$PLUGINSDIR/app-64.7z

windows7-x64

3

$PLUGINSDIR/app-64.7z

windows10-2004-x64

3

locales/ta.pak

windows7-x64

3

locales/ta.pak

windows10-2004-x64

3

locales/te.pak

windows7-x64

3

locales/te.pak

windows10-2004-x64

3

locales/th.pak

windows7-x64

3

locales/th.pak

windows10-2004-x64

3

locales/tr.pak

windows7-x64

3

locales/tr.pak

windows10-2004-x64

3

locales/uk.pak

windows7-x64

3

locales/uk.pak

windows10-2004-x64

3

locales/ur.pak

windows7-x64

3

locales/ur.pak

windows10-2004-x64

3

locales/vi.pak

windows7-x64

3

locales/vi.pak

windows10-2004-x64

3

locales/zh-CN.pak

windows7-x64

3

locales/zh-CN.pak

windows10-2004-x64

3

locales/zh-TW.pak

windows7-x64

3

locales/zh-TW.pak

windows10-2004-x64

3

Analysis

  • max time kernel
    148s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-de
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-delocale:de-deos:windows10-2004-x64systemwindows
  • submitted
    13/06/2024, 10:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    locales/ta.pak

  • Size

    936KB

  • MD5

    f100566697a96ce1f0a0c7e0bbfbe36d

  • SHA1

    4c80a4930ba7d174c4203c199492463242bddf62

  • SHA256

    7e818deedd50a533851bbf08e056bf2ad8d45f442a1a61d9b48e66804ea848db

  • SHA512

    dfa6132a5b7e819e8d326bf5ee539d9ecb2dcd7fea429c75afec2291df9eeead6fa347b01f9feaf2235bce627fd39116176195f7a3d7d74de28951f939db1645

  • SSDEEP

    3072:A/8IEMgtILv22ElYNWwRY/q5pG7zctR1cA2F:A/8ggtSgmZRY/q5uzctR1cA2F

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\locales\ta.pak
    1⤵
    • Modifies registry class
    PID:4196
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:972

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads