Analysis
max time kernel: 6s
max time network: 0s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 01-08-2024 21:01
Static task: static1
Behavioral task: behavioral1
Sample: 41c15287afaf479653ea49af1bce6962.jpg
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 41c15287afaf479653ea49af1bce6962.jpg
Resource: win10v2004-20240730-en
General
Target: 41c15287afaf479653ea49af1bce6962.jpg
Size: 11KB
MD5: fa45de6bab03ebe9e992ba8508f59a16
SHA1: 2e9c27bfd06ad67872fc18a10f3eb73fe8daa9c0
SHA256: b58c6b7e0c478d553966ecf8fb0443d7ad4fef09a528431249b1ea12ab9c1afc
SHA512: 265e8e6d4abf844b3cf674b719fcb2b776a0404a228f1efa5a7686053c15731d3a123b615dd21736f4360c0fd69e774039dca035707550b70db521da8b61991e
SSDEEP: 192://reHDE4vThHWnB7lvdxk7u4novdB2B8SXHB8/XN9UNyer5wpPtJoaFQDJlt8ZZk:/zejXrhMB7zq7OvdD2Hid9UQe6FNFcVL
Malware Config
Signatures
- Enumerates physical storage devices (1 TTPs)
  Attempts to interact with connected storage/optical drive(s).
- Suspicious use of FindShellTrayWindow (2 IoCs)
  Processes: rundll32.exe
  pid 2580, process rundll32.exe
  pid 2580, process rundll32.exe