Analysis
max time kernel
134s
max time network
135s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags
arch:x64, arch:x86, image:win10-20240404-en, locale:en-us, os:windows10-1703-x64, system
submitted
19-06-2024 00:32
Behavioral task
behavioral1
Sample
GHUBGEN_[unknowncheats.me]_.zip
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
Gen.exe
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
main.pyc
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
How To.txt
Resource
win10-20240611-en
Behavioral task
behavioral5
Sample
base.lua
Resource
win10-20240404-en
General
Target
base.lua
Size
2KB
MD5
15774c9d58d8e00297bc5d90e97036af
SHA1
1ef8137a90fff75e7b28d2a04b7cbaa975231477
SHA256
6438c4641fd0f17d0fb922d5849f1e1b6116c30210c1c944c5567242b6b7ba02
SHA512
9a0051560af0a6918e441259f88d770a7567f3b153ae58ddea28b7df0e431c4f4314abbf1a4ba01db9f67aa3aaaa6e0300d6fc1178dc48c352cff47db4134bb3
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Modifies registry class (2 IoCs)
Processes: cmd.exe, OpenWith.exe
description   ioc                                                                                   process
Key created   \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings   cmd.exe
Key created   \REGISTRY\USER\S-1-5-21-160447019-1232603106-4168707212-1000_Classes\Local Settings   OpenWith.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: OpenWith.exe
pid    process
4700   OpenWith.exe