Resubmissions

25/08/2024, 21:53

240825-1rsq3ayflk 10

25/08/2024, 21:50

240825-1pwd6syejm 10

Analysis

  • max time kernel
    1682s
  • max time network
    1149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    25/08/2024, 21:53

General

  • Target

    source_prepared.pyc

  • Size

    167KB

  • MD5

    78d8a09d0233e1f95ae3d7112a0ceb33

  • SHA1

    95d72f244189aded984a6d4f925de2577f4196ff

  • SHA256

    bf47d5ebfb91416876ec05ab8ea62e8595cc31a7484d8f516e53b9a82b58f257

  • SHA512

    10bf3ebca4787631f3e26022a65d7048f82cc1f19a1d113e7706bdd3e3da020fb0a5f9afb6258fdb713a880b44d982a6c90bc66488d8a0177169e9866474816a

  • SSDEEP

    3072:te3eaaOO91ySDzvko4PZTw0IYScR0u4IvdXz5DsTW0:ZaaOO91yS/kooIf80ubsn

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\source_prepared.pyc
    • Modifies registry class
    PID:60
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3264

Network

MITRE ATT&CK Enterprise v15
