Overview

overview

7

Static

static

3

htground.exe

windows10-1703-x64

7

$PLUGINSDI...er.dll

windows10-1703-x64

3

$PLUGINSDI...ls.dll

windows10-1703-x64

3

$PLUGINSDI...em.dll

windows10-1703-x64

3

$PLUGINSDI...ll.dll

windows10-1703-x64

3

$PLUGINSDIR/app-64.7z

windows10-1703-x64

3

locales/tr.pak

windows10-1703-x64

3

locales/uk.pak

windows10-1703-x64

3

locales/ur.pak

windows10-1703-x64

3

locales/vi.pak

windows10-1703-x64

3

locales/zh-CN.pak

windows10-1703-x64

3

locales/zh-TW.pak

windows10-1703-x64

3

resources.pak

windows10-1703-x64

3

resources/...te.yml

windows10-1703-x64

3

resources/app.js

windows10-1703-x64

3

resources/...s.d.ts

windows10-1703-x64

1

resources/...ac.xml

windows10-1703-x64

3

resources/...n.icns

windows10-1703-x64

3

resources/...on.ico

windows10-1703-x64

3

resources/elevate.exe

windows10-1703-x64

3

snapshot_blob.bin

windows10-1703-x64

3

v8_context...ot.bin

windows10-1703-x64

3

vk_swiftshader.dll

windows10-1703-x64

1

vk_swiftsh...d.json

windows10-1703-x64

3

vulkan-1.dll

windows10-1703-x64

1

$PLUGINSDI...ec.dll

windows10-1703-x64

3

$PLUGINSDI...7z.dll

windows10-1703-x64

3

$R0/Uninst...nd.exe

windows10-1703-x64

7

$PLUGINSDI...ls.dll

windows10-1703-x64

3

$PLUGINSDI...em.dll

windows10-1703-x64

3

$PLUGINSDI...ll.dll

windows10-1703-x64

3

$PLUGINSDI...ec.dll

windows10-1703-x64

3

Analysis

  • max time kernel
    129s
  • max time network
    136s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-es
  • resource tags

    arch:x64arch:x86image:win10-20240404-eslocale:es-esos:windows10-1703-x64systemwindows
  • submitted
    07/08/2024, 08:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    v8_context_snapshot.bin

  • Size

    581KB

  • MD5

    264e3b574e4f86b1fc47b2427402e779

  • SHA1

    4a4f9e7c3da262713e4cf7af6ac51822c56b5ef3

  • SHA256

    ed559c6e81b6003b2057e5c1b0bdb5b28ca094b895ca86c69fe11c5c9e014f06

  • SHA512

    144365d0fb83576aaa02ea6ecea51d7ba2cacb044eea568a08f65b98a83d3e7d7e693738e065e22f94bfd1165d0ea93a749dd1325d829257a9bb6607a9a927db

  • SSDEEP

    6144:6TY0P3R2EpdCFbECxUg8zifcarDJI2GZaGKtQPd9ZVetBRkPjBgnYAz7E:m5itRHtQfVEP7E

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\v8_context_snapshot.bin
    1⤵
    • Modifies registry class
    PID:2592
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4288

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads