Overview

overview

3

Static

static

1

Scorpix-Executor.exe

windows11-21h2-x64

1

loader-o.pyc

windows11-21h2-x64

3

Analysis

  • max time kernel
    89s
  • max time network
    103s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240704-en
  • resource tags

    arch:x64arch:x86image:win11-20240704-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06/07/2024, 16:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    loader-o.pyc

  • Size

    5.9MB

  • MD5

    c1ce58a7d6b344ba8dc7b53898d16fb9

  • SHA1

    c4b1ec8408250ddb058b8e01784a4f491d0a757e

  • SHA256

    6311314a6c3025517fb45db152c8e3b57e338e5315c93f5c507c98f4811083f2

  • SHA512

    d3a7e4e93e0ab0366c3454879e212e93408a10a3dd453b76343b77b56da3498dab49c17daa2ec9d74280535b305f28e3b31a3ff0e1f0523790cf9fae4cba65ef

  • SSDEEP

    3072:OOIZtXinPBROGQAvl9Bmone4zH+OEF8YGcc9KZ8cjomtcu8hgESo5UO+ZVVTjv5K:xsUl

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\loader-o.pyc
    1⤵
    • Modifies registry class
    PID:3696
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3676

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads