Overview

overview

3

Static

static

1

dheater-0.4.3.zip

windows7-x64

1

dheater-0.4.3.zip

windows10-2004-x64

1

dheater-0....ragerc

windows7-x64

3

dheater-0....ragerc

windows10-2004-x64

3

dheater-0....ignore

windows7-x64

3

dheater-0....ignore

windows10-2004-x64

3

dheater-0....ignore

windows7-x64

3

dheater-0....ignore

windows10-2004-x64

3

dheater-0....ci.yml

windows7-x64

3

dheater-0....ci.yml

windows10-2004-x64

3

dheater-0....lintrc

windows7-x64

3

dheater-0....lintrc

windows10-2004-x64

3

dheater-0....erfile

windows7-x64

1

dheater-0....erfile

windows10-2004-x64

1

dheater-0....SE.txt

windows7-x64

1

dheater-0....SE.txt

windows10-2004-x64

1

dheater-0....EST.in

windows7-x64

3

dheater-0....EST.in

windows10-2004-x64

3

dheater-0....DME.md

windows7-x64

3

dheater-0....DME.md

windows10-2004-x64

3

dheater-0....25.pem

windows7-x64

3

dheater-0....25.pem

windows10-2004-x64

3

dheater-0....48.pem

windows7-x64

3

dheater-0....48.pem

windows10-2004-x64

3

dheater-0....75.pem

windows7-x64

3

dheater-0....75.pem

windows10-2004-x64

3

dheater-0....72.pem

windows7-x64

3

dheater-0....72.pem

windows10-2004-x64

3

dheater-0....25.pem

windows7-x64

3

dheater-0....25.pem

windows10-2004-x64

3

dheater-0....96.pem

windows7-x64

3

dheater-0....96.pem

windows10-2004-x64

3

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-07-2024 15:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dheater-0.4.3/README.md

  • Size

    760B

  • MD5

    4f1fa5dc02687a991e4ee2fd547742e0

  • SHA1

    827a48f650a5c7e6325189a0f435c4c06b5d780c

  • SHA256

    7a9e87e794ffcaca2bf2ec50fd5843b6e19c77cc308a3314bb3e4fc3acf94b8e

  • SHA512

    c2b1f25af5be8a6a26435e084b01e2e6fd9e0c4c0560537ab75a054bcbcd216f32d5cdd4d506cfacae9955225af199b7ed3f191a4c9b35c5c464cf8610b663a3

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\dheater-0.4.3\README.md
    1⤵
    • Modifies registry class
    PID:3376
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:920

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads