Analysis
max time kernel: 91s
max time network: 104s
platform: windows11-21h2_x64
resource: win11-20240704-en
resource tags: arch:x64, arch:x86, image:win11-20240704-en, locale:en-us, os:windows11-21h2-x64, system
submitted: 05-07-2024 15:14
Static task: static1
Behavioral task: behavioral1 (sample: tajma.x86_64, resource: win7-20240221-en)
Behavioral task: behavioral2 (sample: tajma.x86_64, resource: win10-20240404-en)
Behavioral task: behavioral3 (sample: tajma.x86_64, resource: win10v2004-20240704-en)
Behavioral task: behavioral4 (sample: tajma.x86_64, resource: win11-20240704-en)
General
Target: tajma.x86_64
Size: 156KB
MD5: 9f06e0d941dd9632ca4d0a8bcb9420fb
SHA1: 89abd86d7558738abdcea7db06133c0396d53318
SHA256: 28b636dd861a4f2ba6ef2228e31b1cf314e503e8c052fa02c1b5aaf8a1c779f6
SHA512: f6389e513bef40f3a445f246b4cc3058b36a9aea3d5bd9154502a0cfa501e0d0488fdc42fbcde9ec6a07cfa85fba5a99bd5d00e24f217c89e57d115096004239
SSDEEP: 3072:B2hKj/Y1SX1Qq/TK/Sss/na6qUmT/+RuPlnDlHGamkvrmp5UP0q:B2hKj/Y1SX17TK/l/pkoP0q
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Modifies registry class (2 IoCs)
Processes: cmd.exe, OpenWith.exe
description: Key created; ioc: \REGISTRY\USER\S-1-5-21-2133704870-72480668-1360283475-1000_Classes\Local Settings; process: cmd.exe
description: Key created; ioc: \REGISTRY\USER\S-1-5-21-2133704870-72480668-1360283475-1000_Classes\Local Settings; process: OpenWith.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: OpenWith.exe
pid: 3244; process: OpenWith.exe