Analysis

  • max time kernel
    93s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13-09-2024 22:19

General

  • Target

    MHDDoS-main.zip

  • Size

    44KB

  • MD5

    a8d079f288a9324714624e5ba83bd4d6

  • SHA1

    28f9f6b5867216b28f219f114154f2042e6f2115

  • SHA256

    6e2b4f2c1cfb35a23a4b279d240649ea63e1220d1c81ecc705874b72152423de

  • SHA512

    6beb4a6163e89f4123d6c8b8cc1f038f7a056b08e53b74f0b034a79cb98f3cde96d7179fc092a7568c4ece919ba87486147b9f91da82e1ff2bc7e70a65472087

  • SSDEEP

    768:jwzbcYGZpnz0L05VFsNDXUWCvC9ZcnTGyeAgeJPMQJeEGwJW7nj2PCvBy+3rW1tA:czpGZ1z3AkPCMTGoNhMQwE1JI3rW1tjM

Score
1/10

Malware Config

Signatures

  • Modifies registry class 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 2 IoCs
  • Suspicious use of SetWindowsHookEx 18 IoCs

Processes

  • C:\Windows\Explorer.exe
    C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\MHDDoS-main.zip
      PID:4388
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
        PID:3692
      • C:\Windows\system32\OpenWith.exe
        C:\Windows\system32\OpenWith.exe -Embedding
        • Modifies registry class
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:4868
      • C:\Windows\system32\OpenWith.exe
        C:\Windows\system32\OpenWith.exe -Embedding
        • Modifies registry class
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:1968
