Overview

overview

3

Static

static

1

RedTiger-T...rlinux

windows10-1703-x64

1

RedTiger-T...ger.py

windows10-1703-x64

3

RedTiger-T...fig.py

windows10-1703-x64

3

RedTiger-T...til.py

windows10-1703-x64

3

RedTiger-T...10.pyc

windows10-1703-x64

3

RedTiger-T...12.pyc

windows10-1703-x64

3

RedTiger-T...10.pyc

windows10-1703-x64

3

RedTiger-T...12.pyc

windows10-1703-x64

3

RedTiger-T...12.pyc

windows10-1703-x64

3

RedTiger-T...12.pyc

windows10-1703-x64

3

RedTiger-T...12.pyc

windows10-1703-x64

3

RedTiger-T...-Id.py

windows10-1703-x64

3

RedTiger-T...ker.py

windows10-1703-x64

3

RedTiger-T...tor.py

windows10-1703-x64

3

RedTiger-T...nfo.py

windows10-1703-x64

3

RedTiger-T...nds.py

windows10-1703-x64

3

RedTiger-T...-Dm.py

windows10-1703-x64

3

RedTiger-T...nds.py

windows10-1703-x64

3

RedTiger-T...tor.py

windows10-1703-x64

3

RedTiger-T...ger.py

windows10-1703-x64

3

RedTiger-T...nfo.py

windows10-1703-x64

3

RedTiger-T...ner.py

windows10-1703-x64

3

RedTiger-T...ger.py

windows10-1703-x64

3

RedTiger-T...ver.py

windows10-1703-x64

3

RedTiger-T...gin.py

windows10-1703-x64

3

RedTiger-T...-Dm.py

windows10-1703-x64

3

RedTiger-T...ker.py

windows10-1703-x64

3

RedTiger-T...aid.py

windows10-1703-x64

3

RedTiger-T...mer.py

windows10-1703-x64

3

RedTiger-T...ger.py

windows10-1703-x64

3

RedTiger-T...ger.py

windows10-1703-x64

3

RedTiger-T...ute.py

windows10-1703-x64

3

Resubmissions

14/08/2024, 10:11

240814-l735ea1eql 3

24/06/2024, 03:23

240624-dxjzsazbkl 6

Analysis

  • max time kernel
    315s
  • max time network
    1609s
  • platform
    windows10-1703_x64
  • resource
    win10-20240404-en
  • resource tags

    arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
  • submitted
    14/08/2024, 10:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    RedTiger-Tools-main/Settings/Program/Discord-Token-To-Id-And-Brute.py

  • Size

    3KB

  • MD5

    fa3649761eb9ced9cdbaae5e8808b27f

  • SHA1

    53e5bfa77f070e891af549d8d525c479d00ecf2b

  • SHA256

    78b54e5db1b7632988ded76bb37c80580039e7a7f97e3d81b79ca024f977c4a7

  • SHA512

    363edeb107d2eeb9436f5482c40756ea9bb1c0a2bb2881f28b891ead7790555e5535330da42477eadbf616ef6112244f44602cab119cf6e295a2d18ca93d9d6b

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\RedTiger-Tools-main\Settings\Program\Discord-Token-To-Id-And-Brute.py
    1⤵
    • Modifies registry class
    PID:2916
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4508

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads