Analysis

  • max time kernel
    77s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/07/2024, 02:53

General

  • Target

    mirc.exe

  • Size

    3.1MB

  • MD5

    912dfaee60f144853a33231688312686

  • SHA1

    5e6c5a2c8860fb74d34ed1e6208f78d731f34ef9

  • SHA256

    13a73d14f028af648394002fc483a60c4f93beaf55eecfcdbc5364331b7dd5e0

  • SHA512

    3d9ccf47dba83b484dea530f730bc30b044d92dec0f50469f11726af1fa964613c6231fdfa3cd4039cbee723c53188d630a069be9741347b06c05e5b2a53b858

  • SSDEEP

    49152:JjfkX4IMjEzU//67yweAk5HPdug0TVxNYRf:Jg4IMZ+ywOPduTnYt

Score
7/10

Malware Config

Signatures

  • Identifies Wine through registry keys (2 TTPs, 1 IoCs)

    Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

  • Enumerates physical storage devices (1 TTPs)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (10 IoCs)
  • Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\mirc.exe
    "C:\Users\Admin\AppData\Local\Temp\mirc.exe"
    • Identifies Wine through registry keys
    • Modifies registry class
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1048

Network

MITRE ATT&CK Enterprise v15
