7af547aba4c86bda1b99e761c421ede2293431a98dac770571e03b6a8ab62cdd | Triage

Analysis

max time kernel
34s
max time network
58s
platform
windows11-21h2_x64
resource
win11-20240802-en
resource tags

arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
submitted
03/08/2024, 00:10

Sharing

Report Analysis Logs

General

Target

nohesi_velocity_one_s/skins/nohesi/2016_Gloves_DIFF.dds
Size

2.7MB
MD5

24934012b1f961b4cae75c93b9a334c9
SHA1

212d4208cfc7b00559eed65a566f669477859e75
SHA256

b8b5afce77eb483fdb44fe8e8e95764f40cd3b1b10b1dfc87a02148a79ec70a7
SHA512

23d005c29dfdd334685f907317c7bcf417aeb360a5c67fc3efd226cdc0cf654f5f8ba73e8e32b7ff23323fb0d3521ea3d9852c53994ae8f7bdc81bf55474e13c
SSDEEP

49152:7lQGPdnR5bpXwIhUYTrmMSO7QqG8j2QZf5DskEAdhO8BwDmsevw6oXupXlPKrJgx:BQ6dnRBpXwIhUYTrmMSeQqz2Qd5DjEA/

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\nohesi_velocity_one_s\skins\nohesi\2016_Gloves_DIFF.dds
1⤵
PID:3092

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads