Overview

overview

3

Static

static

3

MelvorIdle...ip.zip

windows7-x64

1

MelvorIdle...ip.zip

windows10-2004-x64

1

MelvorIdle...on.ico

windows7-x64

3

MelvorIdle...on.ico

windows10-2004-x64

3

MelvorIdle...et.lib

windows7-x64

3

MelvorIdle...et.lib

windows10-2004-x64

3

MelvorIdle...64.lib

windows7-x64

3

MelvorIdle...64.lib

windows10-2004-x64

3

MelvorIdle...64.lib

windows7-x64

3

MelvorIdle...64.lib

windows10-2004-x64

3

MelvorIdle...mu.ini

windows7-x64

1

MelvorIdle...mu.ini

windows10-2004-x64

1

MelvorIdle...go.png

windows7-x64

3

MelvorIdle...go.png

windows10-2004-x64

3

MelvorIdle...k.json

windows7-x64

3

MelvorIdle...k.json

windows10-2004-x64

3

MelvorIdle...NSE.md

windows7-x64

3

MelvorIdle...NSE.md

windows10-2004-x64

3

MelvorIdle...e.json

windows7-x64

3

MelvorIdle...e.json

windows10-2004-x64

3

MelvorIdle...NG.yml

windows7-x64

3

MelvorIdle...NG.yml

windows10-2004-x64

3

MelvorIdle...cs.yml

windows7-x64

3

MelvorIdle...cs.yml

windows10-2004-x64

3

MelvorIdle...DME.md

windows7-x64

3

MelvorIdle...DME.md

windows10-2004-x64

3

MelvorIdle...ignore

windows7-x64

3

MelvorIdle...ignore

windows10-2004-x64

3

MelvorIdle...is.yml

windows7-x64

3

MelvorIdle...is.yml

windows10-2004-x64

3

MelvorIdle...ory.md

windows7-x64

3

MelvorIdle...ory.md

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/07/2024, 22:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MelvorIdle-oyunindir.vip/package.nw/lib/win32/sdkencryptedappticket.lib

  • Size

    5KB

  • MD5

    c7fb6501c147b5a74f2639415a925edd

  • SHA1

    564e9f4d48b3fadf3a89a54f7d790fbebaf46e2d

  • SHA256

    a03a4784f701f7aef9db0bf3c592e4e7d48da81c3baf19edca7849dddc30c073

  • SHA512

    aed73994ce4677291a7441742ba970fb7acbbe2ccbfd058e808ff17a8f8e17c2f245a575a3c17bd5103d137deb545726b5555b90b73a073492393184119f501b

  • SSDEEP

    96:E5o5EzVqaqmaBRG4393O3CEvaK64J/maqK6xVKqixVKCxVKJlD99aY3:E53zVqdmeG439e3Nv764JmdK6LiXqDPJ

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\MelvorIdle-oyunindir.vip\package.nw\lib\win32\sdkencryptedappticket.lib
    1⤵
    • Modifies registry class
    PID:1360
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1688

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads