Analysis

  • max time kernel
    1320s
  • max time network
    1143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    02-08-2024 17:18

General

  • Target

    source_prepared.pyc

  • Size

    185KB

  • MD5

    2238391a6ca3bc8e248650966a0caaae

  • SHA1

    6fac5649bc5bcdee8ee5e39163fe7ecac0180821

  • SHA256

    4e7ebb39ad91d7af1306040466a9ccb8c923932c9ead734a3d3e4a7984a693b2

  • SHA512

    d92579b36d47ea3fa791a534329a4fd73084722c458d98d92373b75bf037f31497e679fed26e72ca3695488746b8d1179d1a153f9ce5efd59c396a5bf482d353

  • SSDEEP

    3072:wTtkLaiI6A9MmlbJo2PEtelZN+tVZa/zqge6/qPCkn0:wTmWiILHJo28cN+7Za/zqgeqsCh

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\source_prepared.pyc
    1⤵
    • Modifies registry class
    PID:904
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:1028

Network

MITRE ATT&CK Enterprise v15
