Analysis

  • max time kernel
    3s
  • max time network
    11s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    11-07-2024 03:55

General

  • Target

    !~!SetUp_2025_Pa$$W0rd$s!!%!~.rar

  • Size

    2.5MB

  • MD5

    84abceea44fad10e5bffa5ca322472b8

  • SHA1

    16cc411b420af41a0ac0f93d9bf83a9b4fd5bf74

  • SHA256

    e4e4ac4b8b98caa320ab253c20f011777af08d212a0fa2d499704458b739a03e

  • SHA512

    197cf374219f72325334707ead6c6c63d58b57bf8c525b3b6fbd72926c97d72288a908a224a709ca4f5a1398d9ddc17f107652ddc1b29720708844ef4d026f82

  • SSDEEP

    49152:Dl+vhucarEtODXytKmaAHh0ozFBfPHMxduALsKOg2YXA4dWEIJ:J+srEtsytLhh0OPMxEAL5aqLWEO

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\!~!SetUp_2025_Pa$$W0rd$s!!%!~.rar
    1⤵
    • Modifies registry class
    PID:3040
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads