78c8866893236cd959f3a92f0395e74156102a7d1241d86ab32f272cfa29ab29

Resubmissions

25/09/2024, 06:14

240925-gzpjtsselc 5

25/09/2024, 04:21

240925-eym89svdmn 5

Analysis

max time kernel
95s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
25/09/2024, 06:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4-NOTIFICACION DEMANDA LABORAL -4.msg
Size

450KB
MD5

87e289195af7d0b2588a8b72a034a0ec
SHA1

c7f5a6660664b834bfcc5d3017387b66fea04539
SHA256

78c8866893236cd959f3a92f0395e74156102a7d1241d86ab32f272cfa29ab29
SHA512

d546726076dc1fb04ca191315dc5a794915963324243368024a191a3b8c6542ff0a1dcbb246504068c28da90287e7f6b030f4ebbb018b733831b180a02c9a486
SSDEEP

6144:u4G4j56Lf0LsuC4fBpCoK21dE+XlpJGwSsKld:t6LcLLCJ21GApJGwvk

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings	OpenWith.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2204	OpenWith.exe

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\4-NOTIFICACION DEMANDA LABORAL -4.msg"
1⤵
- Modifies registry class
PID:4396

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2204

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads