864b215f0c89cc97368999b901a84633b2f33c0993790cbeee40b5f983f7c3ed | Triage

Resubmissions

25/06/2024, 03:07

240625-dmfvda1bnm 3

Analysis

max time kernel
55s
platform
windows11-21h2_x64
resource
win11-20240508-en
resource tags

arch:x64arch:x86image:win11-20240508-enlocale:en-usos:windows11-21h2-x64system
submitted
25/06/2024, 03:07

Sharing

Report Analysis Logs

General

Target

password.jpg
Size

50KB
MD5

4244342abd5ff9f2bc55de9601e47ef9
SHA1

42be714c99c3d1ad4517b4fa05193570c548dd82
SHA256

207a5cf71629ba556a5c115bb084d1904d322f2d9c28dd64bb1c161e05b70edc
SHA512

aa90b7dca1e12b24e5368fa6c8f25324d66d679af27cb867ba5b700103e2c4bfbc92bce02f79d1b1855eca042a9676e8e884b0c16b195cb89cbdd8968277c3bf
SSDEEP

768:PHANnW5aGdd+AkSu4rksV6pfQCwCozi4BrA49d7uueqzjas//g:PHAATYrubYfQsCLVA4uueqzOV

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\password.jpg
1⤵
PID:2036

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:2308

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads