192fc1ee17532a8b774faee41e4a984563800bbfcb9300ff4c6ca1bab53ce992

Resubmissions

11/08/2024, 12:46

240811-pzmdgathqa 7

11/08/2024, 12:21

240811-pjrcgsygrj 7

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
11/08/2024, 12:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ChessAssist-v28.3/assets/font.ttf
Size

130KB
MD5

cb78d8420ac5bc66e3606dd582d5bc08
SHA1

908c8317572c7cff1be2155688f93f95c47c0c5c
SHA256

f4fa94feebf695faf72bc43a064e482a896a6e4ec30e56c9f283723be02144f5
SHA512

e824da8bad4e818fb1bbd7215d829dbf26f8b5eca7bebc39835e044d602b9aa17ec632ee69cb79072b4600751fab29b48f1d8b747a70416ac4ee5d6fd07a2c2a
SSDEEP

3072:gzgv09uYPUi00NMQX17n2RDLvAMMxFo78qFgY+Oow1YCkx83PWdDZVhBInqdY9X/:gcvwu3i00TzefvAMMxFo7vF+3w1Jg83x

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2212 wrote to memory of 2552	2212	cmd.exe	31
PID 2212 wrote to memory of 2552	2212	cmd.exe	31
PID 2212 wrote to memory of 2552	2212	cmd.exe	31

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\ChessAssist-v28.3\assets\font.ttf
1⤵
- Suspicious use of WriteProcessMemory
PID:2212
- C:\Windows\System32\fontview.exe
  "C:\Windows\System32\fontview.exe" C:\Users\Admin\AppData\Local\Temp\ChessAssist-v28.3\assets\font.ttf
  2⤵
  PID:2552

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads