Resubmissions

17/07/2024, 09:50

240717-lty9asyclc 3

10/04/2024, 23:28

240410-3fzfkseb99 10

Analysis

  • max time kernel
    140s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    17/07/2024, 09:50

General

  • Target

    Exitlag Cracked 16.1v.rar

  • Size

    4.2MB

  • MD5

    451806c60f6f0c52cbb49026d4e14d89

  • SHA1

    8463cb0297d3e3b9bd28713d1ed75ef4d78b887a

  • SHA256

    090f2f668799ba806d6e5ec31bf7ff1fd39b7260f129f4d6a944decae0f04df9

  • SHA512

    e59a94c974f32d2e275d97add0a1eac8fdf794db008f0ecd69835ff120afd93e446852849e30f1bf598c57305891cf7d536b645e91dccd01c07dfe2679465cff

  • SSDEEP

    49152:uMKPSGs1uhQvK+8UU2JyWIpeHWf/j6fVThnaYvWG/W7FWmOEa4u2Q/L16JyFH7QE:JAsli2UpcWf/jcs3FVQh603pUrAeA

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Exitlag Cracked 16.1v.rar"
    1⤵
    • Modifies registry class
    PID:4636
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4536

Network

        MITRE ATT&CK Enterprise v15
