Resubmissions
11-08-2024 08:57
240811-kwnd5ssgrq 811-08-2024 08:53
240811-ktthdasgml 811-08-2024 08:47
240811-kp4sjssflj 1011-08-2024 08:37
240811-kjelgawfla 811-08-2024 08:32
240811-ke9k2sscqm 1011-08-2024 08:29
240811-kdnl7awdrb 611-08-2024 08:26
240811-kbzxfawdlc 6Analysis
-
max time kernel
193s -
max time network
295s -
platform
windows11-21h2_x64 -
resource
win11-20240802-en -
resource tags
arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system -
submitted
11-08-2024 08:32
Static task
static1
Behavioral task
behavioral1
Sample
MEMZ-Destructive.7z
Resource
win10v2004-20240802-en
Behavioral task
behavioral2
Sample
MEMZ-Destructive.7z
Resource
win11-20240802-en
General
-
Target
MEMZ-Destructive.7z
-
Size
17KB
-
MD5
d91a65636b8d4b7437983e064e2580fa
-
SHA1
2bfaf387d22b7e9c1a54c35d8ab33fa84006ece3
-
SHA256
c547f9193b8fcb681dbb93968d54ac9912901097e1912ff7ad11c5a9ee13062c
-
SHA512
0175a90f980354b6f9a0fb66be6672c18c03a33fb547a0a16d159f18745f59fc5f4d9dae69dfd4d3bcffbc1bd3bbc73901000931dc3c12b70dde6e4e72a92f9f
-
SSDEEP
384:CxpNbARMGzvkdrUUAhybY4GfheFQb4M4ecf3iQ/FF87u20VoDWXeQT:Cxp6RLzMtUUVMsFQb4ycfiQ/o10XeQT
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Modifies registry class 2 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings cmd.exe Key created \REGISTRY\USER\S-1-5-21-1287768749-810021449-2672985988-1000_Classes\Local Settings OpenWith.exe -
Suspicious use of SetWindowsHookEx 1 IoCs
pid Process 720 OpenWith.exe