Overview

overview

3

Static

static

3

ATTENTION_...Y.html

windows7-x64

1

ATTENTION_...Y.html

windows10-2004-x64

1

README.html

windows7-x64

1

README.html

windows10-2004-x64

1

portable_m...ch.exe

windows7-x64

1

portable_m...ch.exe

windows10-2004-x64

1

portable_m...sh.exe

windows7-x64

1

portable_m...sh.exe

windows10-2004-x64

1

portable_m...ch.exe

windows7-x64

1

portable_m...ch.exe

windows10-2004-x64

1

portable_m...an.exe

windows7-x64

1

portable_m...an.exe

windows10-2004-x64

1

portable_m...an.exe

windows7-x64

1

portable_m...an.exe

windows10-2004-x64

1

portable_m...sh.exe

windows7-x64

1

portable_m...sh.exe

windows10-2004-x64

1

��� ...��.url

windows7-x64

��� ...��.url

windows10-2004-x64

Analysis

  • max time kernel
    118s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2024 13:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    portable_multilingual/3D_Roulette_spanish.exe

  • Size

    784KB

  • MD5

    00f998543f0a7b5a8d858729c97d0c46

  • SHA1

    84aff408b01e6e6147e9773dbaed60206e497714

  • SHA256

    b63b014b2d40502e0a543a37bf240a625999785ef2a8679243f75e7f1d07e37a

  • SHA512

    b3c77b1a82aecb5e5fcd5f5dfc16cdc2014a6d28d0dfd4bbf3547cc3a8f8bd25e8769d21513e5baad3876a1cdb5c63d7b3cbca36c68a4bda62d8c37bc3d7d18c

  • SSDEEP

    12288:ZDRV3eVEYEIn3jvTihD9soLygPJxR7fk4cJd822t4XI5smeUTffnZgopj5s:ZDeVE/InTvTiBfDJxNsRd8XbeUTf/U

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\portable_multilingual\3D_Roulette_spanish.exe
    "C:\Users\Admin\AppData\Local\Temp\portable_multilingual\3D_Roulette_spanish.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:2392

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads