578993fcf8d57252bc34536c01dc853a374e60def68f60b2826c3de0826ea00c

Analysis

max time kernel
94s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03/08/2024, 01:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ventoy-1.0.99/altexe/VentoyPlugson_X64.exe
Size

450KB
MD5

b12066183b66c7238a5cdf916dcbf58e
SHA1

ee7e7c80e67adb871dc6f86d2069a938e7960931
SHA256

cc50e92dfacbbab0d436c6f7c283c5ce7cab0e4578f137d8306237bdd4fd5f25
SHA512

9d8be1ecdd36697d02761f1d80e9c3f4128b45a36c6b031f6f045f55e78ea5e9b5f18d258a587be95009206b45ea000c4d1e5ad2742783d1910527dd91ac185a
SSDEEP

12288:mZDhU+g1NufmjdQNzhaibzFKzy/MJQC8J:mHUizhai3FKy/MJQCA

Score

6^/10

Malware Config

Signatures

Enumerates connected drives 3 TTPs 2 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\D:	VentoyPlugson_X64.exe
File opened (read-only)	\??\F:	VentoyPlugson_X64.exe

C:\Users\Admin\AppData\Local\Temp\ventoy-1.0.99\altexe\VentoyPlugson_X64.exe
"C:\Users\Admin\AppData\Local\Temp\ventoy-1.0.99\altexe\VentoyPlugson_X64.exe"
1⤵
- Enumerates connected drives
PID:1424

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\ventoy-1.0.99\VentoyPlugson.log

Filesize
1KB

MD5
02d54f698c29d3bed684d20b2c4b75d0

SHA1
463ac652906ad4fb7319abec11e9ff6dfbc01234

SHA256
1832aca3e11cf0df6d46524d43edba4e4371b52cff6838a3f91ab2f910f98746

SHA512
57f5a54cfb6067d2fc366f0a82c4c06233a413f71bef00c8bd5a5f6843133486559a8cea1aaa19b5fb99b85ef2e03e38880914c5dbc4c9252a014aec4fac8ee0

Download Submit