Analysis Overview
SHA256
39ba31aac730686e81b867c0dca91854fb378b9f413d6d3429e6ba280eed4230
Threat Level: Likely benign
The file Screenshot_2024-06-09-16-49-30-136.jpeg was found to be: Likely benign.
Malicious Activity Summary
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-16 14:04
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 14:04
Reported
2024-06-16 14:08
Platform
win7-20240221-en
Max time kernel
48s
Max time network
18s
Command Line
Signatures
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| --- | --- | --- | --- |
| N/A | N/A | C:\Windows\System32\rundll32.exe | N/A |
Processes
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\Screenshot_2024-06-09-16-49-30-136.jpg
Network
Files
memory/1032-0-0x0000000001D70000-0x0000000001D71000-memory.dmp
memory/1032-1-0x0000000001D70000-0x0000000001D71000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-16 14:04
Reported
2024-06-16 14:07
Platform
android-33-x64-arm64-20240611.1-en
Max time network
6s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| --- | --- | --- | --- |
| GB | 172.217.169.68:443 | | udp |
| BE | 142.251.168.188:5228 | | tcp |
| GB | 142.250.179.228:443 | | tcp |
| GB | 216.58.204.74:443 | | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| GB | 172.217.169.68:443 | | udp |