Overview

overview

3

Static

static

3

Minecraft....io.exe

windows11-21h2-x64

3

$PLUGINSDI...er.bmp

windows11-21h2-x64

3

$PLUGINSDI...rd.bmp

windows11-21h2-x64

3

Data/Pytho...es.zip

windows11-21h2-x64

1

Data/Pytho...SE.txt

windows11-21h2-x64

3

Data/Pytho...30.pxd

windows11-21h2-x64

3

Data/Pytho...__.pxd

windows11-21h2-x64

3

Data/Pytho...__.pyi

windows11-21h2-x64

3

Data/Pytho...er.pyi

windows11-21h2-x64

3

Data/Pytho...le.pyi

windows11-21h2-x64

3

Data/Pytho...__.pyi

windows11-21h2-x64

3

Data/Pytho...ay.pyi

windows11-21h2-x64

3

Data/Pytho...hack.c

windows11-21h2-x64

3

Data/Pytho...__.pyi

windows11-21h2-x64

3

Data/Pytho...ft.pyi

windows11-21h2-x64

3

Data/Pytho...er.pyi

windows11-21h2-x64

3

Data/Pytho...__.pyi

windows11-21h2-x64

3

Data/Pytho...on.pyi

windows11-21h2-x64

3

Data/Pytho...ad.pyi

windows11-21h2-x64

3

Data/Pytho...ps.pyi

windows11-21h2-x64

3

Data/Pytho...or.pyi

windows11-21h2-x64

3

Data/Pytho...at.pyi

windows11-21h2-x64

3

Data/Pytho...se.pyi

windows11-21h2-x64

3

Data/Pytho...ms.pyi

windows11-21h2-x64

3

Data/Pytho...ks.pyi

windows11-21h2-x64

3

Data/Pytho...se.pyi

windows11-21h2-x64

3

Data/Pytho...ce.pyc

windows11-21h2-x64

3

Data/Pytho...ad.pyc

windows11-21h2-x64

3

Data/Pytho...at.pyc

windows11-21h2-x64

3

Data/Pytho...ay.pyc

windows11-21h2-x64

3

Data/Pytho...__.pyc

windows11-21h2-x64

3

Data/Pytho...32.dll

windows11-21h2-x64

3

Analysis

  • max time kernel
    28s
  • max time network
    142s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    18/08/2024, 14:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/modern-header.bmp

  • Size

    25KB

  • MD5

    9baf348123145384f8018572351c8f62

  • SHA1

    6521e4e9b137d7c2f02ecf104b8665dc5eed1a63

  • SHA256

    366823d49cc95d51e84a8dbf5bf5ff74aec531449c128d74e1bf0def3e37dabc

  • SHA512

    1e870fcb01b4213b180d044bf1e2ead745486f9deb9ed410f1b53139694dddade9fab5a2ae362c3d74a4af0a64518f522a36060668f00411d7071cd1a587c49f

  • SSDEEP

    192:UnONisZOI3sBIitb7Nyx43ltStS0bXMVfl:UnoZOI3j7S0bXM

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\modern-header.bmp
    1⤵
    • Modifies registry class
    PID:4112
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3252

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads