Overview

overview

10

Static

static

10

Usar tu ma... 4.rar

windows10-2004-x64

3

Carpetas d...os.txt

windows10-2004-x64

1

Carpetas d...on.zip

windows10-2004-x64

1

VDX.exe

windows10-2004-x64

4

VDX_x64.exe

windows10-2004-x64

4

Carpetas d....0.zip

windows10-2004-x64

1

ViGEmBusDr...us.inf

windows10-2004-x64

1

ViGEmBusDr...us.sys

windows10-2004-x64

1

ViGEmBusDr...09.dll

windows10-2004-x64

1

ViGEmBusDr...us.cat

windows10-2004-x64

8

ViGEmBusDr...us.inf

windows10-2004-x64

1

ViGEmBusDr...us.sys

windows10-2004-x64

1

ViGEmBusDr...09.dll

windows10-2004-x64

3

ViGEmBusDr...us.cat

windows10-2004-x64

8

Carpetas d...ce.exe

windows10-2004-x64

4

Carpetas d...64.exe

windows10-2004-x64

4

Carpetas d...on.rar

windows10-2004-x64

3

devcon.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    34s
  • max time network
    36s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240730-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20240730-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    02-08-2024 09:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Usar tu mando Generico como si fuera uno de playstation 4.rar

  • Size

    5.3MB

  • MD5

    13a8c7f593762d7d05d025358550367b

  • SHA1

    9bb7b8bafda58ea1f144eca202b26a8b4d939904

  • SHA256

    8dabe8af434fe110d74ca365ed3eeef33001aa26f1487afeb1a6f5d59e7e544c

  • SHA512

    0492b3fd2cbf11f5a0b4630c985a55abcee0ce649089da22d81a35747cb8f45113c19713480f9cc3dda3d21048f985c1c523d29322919bdcf674cc3282843a65

  • SSDEEP

    98304:GuGNSE1YoL/GizoQO1iL54S3Fo2d+06CX4LBkWafq8oLPN/livrnD9GAs:X49yUGizoFi5d3Fov1+WeqjPN/+Fs

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 21 IoCs
  • Suspicious use of SendNotifyMessage 20 IoCs
  • Suspicious use of SetWindowsHookEx 22 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Usar tu mando Generico como si fuera uno de playstation 4.rar"
    1⤵
    • Modifies registry class
    PID:4192
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4992
  • C:\Program Files\VideoLAN\VLC\vlc.exe
    "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\JoinApprove.avi"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1432

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\vlc\vlc-qt-interface.ini
    Filesize

    76B

    MD5

    21dc4317cf5c973565581a6f5d1c7488

    SHA1

    62233e23d543d897e64eaab94e254ff7528a6dc6

    SHA256

    aac8a364b1ee00d703ed795be33f85af879e5af0f4e827e4f992277a9c2ab135

    SHA512

    a3011b5e04ca785dab33197c2dbcb70b451ad3dc8fa17742a3f58b53808a157263fa994deb13533127d89767e02fa0fcc3849e74d49724314541f14e2357cdd3

    Download Submit

  • memory/1432-27-0x00007FF611720000-0x00007FF611818000-memory.dmp

    Filesize

    992KB

    Download

  • memory/1432-28-0x00007FFC19AA0000-0x00007FFC19AD4000-memory.dmp

    Filesize

    208KB

    Download

  • memory/1432-29-0x00007FFC09710000-0x00007FFC099C6000-memory.dmp

    Filesize

    2.7MB

    Download

  • memory/1432-30-0x00007FFC07CF0000-0x00007FFC08DA0000-memory.dmp

    Filesize

    16.7MB

    Download