Analysis

  • max time kernel
    316s
  • max time network
    405s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64 arch:x86 image:win10-20240404-en locale:en-us os:windows10-1703-x64 system
  • submitted
    02/08/2024, 22:31

General

  • Target

    gitsoft_v1.19.7z

  • Size

    9.0MB

  • MD5

    b6691621f838b3de1be6de960d79a1dd

  • SHA1

    ca843d4dd2a33b25895ffed3f406e76db4c65c8c

  • SHA256

    c439f9b67b44cb5520969ac245af391d5c25fd691d16c3599fc7af98e77224df

  • SHA512

    18b33ba9df05bda928d5deef1b9702ad4e47ddc879288b7d40d736dc124bba9b41bc8afa067a51b7167bf16d1a1db125e321639b6eedef766c1cea5519341ff6

  • SSDEEP

    196608:ETApoLGtWB/WCCwAP5nCVbLNfPxIKJ63Hthwirwze:Zpd8rCv5UCK037ce

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\gitsoft_v1.19.7z
    • Modifies registry class
    PID:4732
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4488

Network

MITRE ATT&CK Enterprise v15
