Overview

overview

3

Static

static

3

ATTENTION_...Y.html

windows7-x64

1

ATTENTION_...Y.html

windows10-2004-x64

1

README.html

windows7-x64

1

README.html

windows10-2004-x64

1

portable_m...ch.exe

windows7-x64

1

portable_m...ch.exe

windows10-2004-x64

1

portable_m...sh.exe

windows7-x64

1

portable_m...sh.exe

windows10-2004-x64

1

portable_m...ch.exe

windows7-x64

1

portable_m...ch.exe

windows10-2004-x64

1

portable_m...an.exe

windows7-x64

1

portable_m...an.exe

windows10-2004-x64

1

portable_m...an.exe

windows7-x64

1

portable_m...an.exe

windows10-2004-x64

1

portable_m...sh.exe

windows7-x64

1

portable_m...sh.exe

windows10-2004-x64

1

��� ...��.url

windows7-x64

��� ...��.url

windows10-2004-x64

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    13/06/2024, 13:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    portable_multilingual/3D_Roulette_german.exe

  • Size

    784KB

  • MD5

    cd93ac5eab3ae9f9d86f4191d56ec6db

  • SHA1

    4a1ff8f8f6d31196e756bb27d80d3a4fe65c0ad4

  • SHA256

    9c1a3a06120580eb2ce61f001d30ded7bd2c064db24e3a519ec6266b257a76a1

  • SHA512

    5fd2af7e81ccf8bd0e40d9fe96ebc4e889a364220a178e769a23f778fc1181d5de7cc59c303d61af43ea694d587a9c45a221a517b63d45779cecf1d153db83ec

  • SSDEEP

    12288:JDRV3eVEYEIn3jvTihD9soLygPJxR7fk4cJd822t4XI5smeUTffnZg8QjZs:JDeVE/InTvTiBfDJxNsRd8XbeUTf/9

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\portable_multilingual\3D_Roulette_german.exe
    "C:\Users\Admin\AppData\Local\Temp\portable_multilingual\3D_Roulette_german.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:1932

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads