Overview

overview

10

Static

static

1

piggy.png

windows7-x64

3

piggy.png

windows10-2004-x64

10

Resubmissions

02-07-2024 23:48

240702-3tl3eawdpf 10

02-07-2024 23:39

240702-3nl58awbkg 10

02-07-2024 23:36

240702-3lzzaszekr 6

02-07-2024 06:39

240702-heslesvapn 10

02-07-2024 06:28

240702-g8c76atgjr 10

02-07-2024 06:22

240702-g4z65azepb 6

02-07-2024 06:05

240702-gs9leszbja 6

02-07-2024 06:00

240702-gqde7szaje 8

Analysis

  • max time kernel
    1556s
  • max time network
    1557s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    02-07-2024 23:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    piggy.png

  • Size

    1.3MB

  • MD5

    db441b970d8b070324fad09acb7ca77f

  • SHA1

    d71a69ffc7c67b2bc338d809b2a7933d1139638a

  • SHA256

    38ce15ff72fe07a74ac9e4692fac7c0b964ca3c4f6def07d942fd94ecfd80981

  • SHA512

    49b8b422831afec6f9600f9ee03b6ff237abf548ffecb607a38992ae72c6d27820e980e79217c784b13b6df70d56482b26a06f058bb00a326e1564f7fcb1b55d

  • SSDEEP

    24576:bNkiU39wq+8/EV7QXZyP2wWYMmxtJMdhBgf0n1BcFvnbz:bNV09wq+gECnGfJ0Bu0n1OZP

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\piggy.png
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:2068

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2068-0-0x00000000001B0000-0x00000000001B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2068-1-0x00000000001B0000-0x00000000001B1000-memory.dmp

    Filesize

    4KB

    Download