Resubmissions

12/08/2024, 06:02

240812-grwm6ssfqc 7

12/08/2024, 05:19

240812-fz37jsxbqk 7

Analysis

  • max time kernel
    136s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12/08/2024, 05:19

General

  • Target

    Heaven.Will.Be.Mine/Heaven Will Be Mine/HeavenWillBeMine_Data/sharedassets0.assets

  • Size

    11.3MB

  • MD5

    b3ae61ea5edb1570d0631ffc12b8f0e3

  • SHA1

    d18c5de7c5e6a5b4b4299e49f4a04bf49e79cc5f

  • SHA256

    6c6e97a3e84a9f02bbe786a6923e4ece32c726f911c56863c51918518b9ef125

  • SHA512

    3fbd884db2c9bcb7132dfd05c4b83c0b7c2989a997e310ada5ad0c617169086b29ec03ba3e7318b7b3359088ce56dacf435ca931a09301c48e66513fc887026d

  • SSDEEP

    98304:wkS1YrnEgEykBSQI2W5F+lDBLwf+oRcvwu3707iQMMvozFVrw1J7OsBnDnqJXZ0C:wkSi7VF2pl1GcERserNM0tk

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\Heaven.Will.Be.Mine\Heaven Will Be Mine\HeavenWillBeMine_Data\sharedassets0.assets"
    1⤵
    • Modifies registry class
    PID:4156
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:672

Network

MITRE ATT&CK Enterprise v15
