Analysis
-
max time kernel
119s -
max time network
131s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
12/08/2024, 05:19
General
-
Target
Heaven.Will.Be.Mine/Heaven Will Be Mine/HeavenWillBeMine_Data/sharedassets18.assets
-
Size
7KB
-
MD5
468eb14c1d60b26adbea808b6f71c57a
-
SHA1
985c2f9b7aad302c5c0c43db2a43f17916bf3b14
-
SHA256
2670df0833dfb108ce08f20a06efea58e6e4c84074a87594efc8742912a51c66
-
SHA512
ba47efaf6f798eb63f32905cf3f5986f1e407a79c704974b14217c9a32efa859974ffbe6e9f056294ba8e0d0a4c6e0ca8a5d4af59c7a8b0ec5b9177a4d0b9aef
-
SSDEEP
24:vIASVqcRFCKcCavwMONMkiTHG+MqGkKUiEXOxmbeXtzEqRuyK1EqQDSCz9gu0ygB:zu6oMPr+mJMxmbKzJuyev6Sdum9sh8
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Modifies registry class 9 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\Heaven.Will.Be.Mine\Heaven Will Be Mine\HeavenWillBeMine_Data\sharedassets18.assets"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\rundll32.exe"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Heaven.Will.Be.Mine\Heaven Will Be Mine\HeavenWillBeMine_Data\sharedassets18.assets2⤵
- Modifies registry class
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Heaven.Will.Be.Mine\Heaven Will Be Mine\HeavenWillBeMine_Data\sharedassets18.assets"3⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD52ab65fadb63e2b7322d662762a883520
SHA1fd4680b49b76be7177c72edacf2d6230dc389848
SHA2567f0b18099d3481abc37d3e6ef0a7ec8a5c190c9dbe16ddd06e93ebc715c98c9a
SHA512d42eeb020b392aa951a690e155de9656e417717b2cb0a1ba52c36da5751ea36b8f0d04e7a1cb525fa8cb4a3cfcd6f89dc7f561f35c9d264330e5481d37033078