Overview
overview
10Static
static
1!~!SetUp_2...!~.zip
windows7-x64
1!~!SetUp_2...!~.zip
windows10-2004-x64
1!~!SetUp_2...!~.rar
windows7-x64
3!~!SetUp_2...!~.rar
windows10-2004-x64
3Setup.exe
windows7-x64
5Setup.exe
windows10-2004-x64
10avenue.css
windows7-x64
3avenue.css
windows10-2004-x64
7d3dx9_43.dll
windows7-x64
1d3dx9_43.dll
windows10-2004-x64
1heartthrob.doc
windows7-x64
1heartthrob.doc
windows10-2004-x64
1Analysis
-
max time kernel
3s -
max time network
11s -
platform
windows10-2004_x64 -
resource
win10v2004-20240709-es -
resource tags
arch:x64arch:x86image:win10v2004-20240709-eslocale:es-esos:windows10-2004-x64systemwindows -
submitted
11-07-2024 03:55
Static task
static1
Behavioral task
behavioral1
Sample
!~!SetUp_2025_Pa$$W0rd$s!!%!~.zip
Resource
win7-20240705-es
Behavioral task
behavioral2
Sample
!~!SetUp_2025_Pa$$W0rd$s!!%!~.zip
Resource
win10v2004-20240709-es
Behavioral task
behavioral3
Sample
!~!SetUp_2025_Pa$$W0rd$s!!%!~.rar
Resource
win7-20240708-es
Behavioral task
behavioral4
Sample
!~!SetUp_2025_Pa$$W0rd$s!!%!~.rar
Resource
win10v2004-20240709-es
Behavioral task
behavioral5
Sample
Setup.exe
Resource
win7-20240704-es
Behavioral task
behavioral6
Sample
Setup.exe
Resource
win10v2004-20240709-es
Behavioral task
behavioral7
Sample
avenue.css
Resource
win7-20240708-es
Behavioral task
behavioral8
Sample
avenue.css
Resource
win10v2004-20240709-es
Behavioral task
behavioral9
Sample
d3dx9_43.dll
Resource
win7-20240704-es
Behavioral task
behavioral10
Sample
d3dx9_43.dll
Resource
win10v2004-20240709-es
Behavioral task
behavioral11
Sample
heartthrob.doc
Resource
win7-20240708-es
Behavioral task
behavioral12
Sample
heartthrob.doc
Resource
win10v2004-20240709-es
General
-
Target
!~!SetUp_2025_Pa$$W0rd$s!!%!~.rar
-
Size
2.5MB
-
MD5
84abceea44fad10e5bffa5ca322472b8
-
SHA1
16cc411b420af41a0ac0f93d9bf83a9b4fd5bf74
-
SHA256
e4e4ac4b8b98caa320ab253c20f011777af08d212a0fa2d499704458b739a03e
-
SHA512
197cf374219f72325334707ead6c6c63d58b57bf8c525b3b6fbd72926c97d72288a908a224a709ca4f5a1398d9ddc17f107652ddc1b29720708844ef4d026f82
-
SSDEEP
49152:Dl+vhucarEtODXytKmaAHh0ozFBfPHMxduALsKOg2YXA4dWEIJ:J+srEtsytLhh0OPMxEAL5aqLWEO
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 2 IoCs
Processes:
cmd.exeOpenWith.exedescription ioc Process Key created \REGISTRY\USER\S-1-5-21-2650514177-1034912467-4025611726-1000_Classes\Local Settings cmd.exe Key created \REGISTRY\USER\S-1-5-21-2650514177-1034912467-4025611726-1000_Classes\Local Settings OpenWith.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
OpenWith.exepid Process 1708 OpenWith.exe
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\!~!SetUp_2025_Pa$$W0rd$s!!%!~.rar1⤵
- Modifies registry class
PID:3040
-
C:\Windows\system32\OpenWith.exeC:\Windows\system32\OpenWith.exe -Embedding1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1708