Resubmissions
26-08-2024 06:08  240826-gvvv2syflc  7
26-08-2024 05:33  240826-f8z69axflf  7
26-08-2024 05:27  240826-f5sb8sxele  7
26-08-2024 04:43  240826-fcbh1swakb  7
05-07-2024 19:05  240705-xrx41atcmk  7
Analysis
max time kernel: 1792s
max time network: 1144s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 26-08-2024 06:08
Behavioral task: behavioral1
Sample: Scan wallet v6.exe
Resource: win7-20240705-en

Behavioral task: behavioral2
Sample: Scan wallet v6.exe
Resource: win10v2004-20240802-en

Behavioral task: behavioral3
Sample: v7.0.pyc
Resource: win7-20240704-en

Behavioral task: behavioral4
Sample: v7.0.pyc
Resource: win10v2004-20240802-en
General
Target: v7.0.pyc
Size: 29KB
MD5: 15b5c939577a333641d04b110e3bd934
SHA1: b2cb6aed25773c1f2cc6dbf30c906b398dbf20f2
SHA256: a068d7255cb75b4981b10bdeb018ff1355c35fbd6a79922c4e0ae2ae9a15b55e
SHA512: 59afa134efe3bda52891b78ba4cb0d7448c367e150abeaa3ccc784187f62fe66aa0eb5d41598afaa962798a09788ff13faf6aac95a758eb56e25f52e238539a8
SSDEEP: 384:FA0sOoFJBSxZ282mTUpLobs7RFuRgUZ/YissIg/c0qU:WhcT/s7RFuyUpc1U
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Modifies registry class (2 IoCs)
Processes: OpenWith.exe, cmd.exe
description: Key created; ioc: \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings; Process: OpenWith.exe
description: Key created; ioc: \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings; Process: cmd.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: OpenWith.exe
pid: 4532; Process: OpenWith.exe