Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/09/2024, 06:45

General

  • Target

    seleniumbase-SeleniumBase-aed62a4/examples/behave_bdd/features/steps/fail_page.py

  • Size

    268B

  • MD5

    bb50cf6ec98a010258a78d7da1cdee83

  • SHA1

    d5b1c9e10a950879eaac81d8293227417a1922fc

  • SHA256

    82f2be49792a3f6e81f89b39653c92c34bc2c4a4db5800a995fdf75c3573025f

  • SHA512

    1354495996761b03f5732d7b5654f44f2a957c49437a19fa11be1f713c07a85875a3b60f0b1db6873d70d8c767b78e2e486b063ff0619c00851690264cfb0360

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\seleniumbase-SeleniumBase-aed62a4\examples\behave_bdd\features\steps\fail_page.py
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\seleniumbase-SeleniumBase-aed62a4\examples\behave_bdd\features\steps\fail_page.py
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2192
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\seleniumbase-SeleniumBase-aed62a4\examples\behave_bdd\features\steps\fail_page.py"
        3⤵
        • System Location Discovery: System Language Discovery
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2808

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    463568ce2cb2ffba56f85424f2ee006c

    SHA1

    0fed8e705e8e1b953ae8033433e13c7bdadb7d27

    SHA256

    31590d94a4b2fa4053d470db19cdcabb89116266af49189f2ace8aec276a6191

    SHA512

    a98f649930f9a097a9fdab2f89583becfd87ac1a3127a1c13021de57acfd4a286f1b04bb261d6d39e0d362f18dd17b7c2237f5f4d12bad56ee669c236c31827b