Resubmissions

11-08-2024 08:57

240811-kwnd5ssgrq 8

11-08-2024 08:53

240811-ktthdasgml 8

11-08-2024 08:47

240811-kp4sjssflj 10

11-08-2024 08:37

240811-kjelgawfla 8

11-08-2024 08:32

240811-ke9k2sscqm 10

11-08-2024 08:29

240811-kdnl7awdrb 6

11-08-2024 08:26

240811-kbzxfawdlc 6

Analysis

  • max time kernel
    193s
  • max time network
    295s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    11-08-2024 08:32

General

  • Target

    MEMZ-Destructive.7z

  • Size

    17KB

  • MD5

    d91a65636b8d4b7437983e064e2580fa

  • SHA1

    2bfaf387d22b7e9c1a54c35d8ab33fa84006ece3

  • SHA256

    c547f9193b8fcb681dbb93968d54ac9912901097e1912ff7ad11c5a9ee13062c

  • SHA512

    0175a90f980354b6f9a0fb66be6672c18c03a33fb547a0a16d159f18745f59fc5f4d9dae69dfd4d3bcffbc1bd3bbc73901000931dc3c12b70dde6e4e72a92f9f

  • SSDEEP

    384:CxpNbARMGzvkdrUUAhybY4GfheFQb4M4ecf3iQ/FF87u20VoDWXeQT:Cxp6RLzMtUUVMsFQb4ycfiQ/o10XeQT

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\MEMZ-Destructive.7z
    1⤵
    • Modifies registry class
    PID:5112
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:720

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads