Overview

overview

7

Static

static

1

captainsim...es.rar

windows7-x64

3

captainsim...es.rar

windows10-2004-x64

3

captainsim...tz.ttf

windows7-x64

4

captainsim...tz.ttf

windows10-2004-x64

7

captainsim...ar.ttf

windows7-x64

3

captainsim...ar.ttf

windows10-2004-x64

7

captainsim...ch.flt

windows7-x64

3

captainsim...ch.flt

windows10-2004-x64

3

captainsim...se.flt

windows7-x64

3

captainsim...se.flt

windows10-2004-x64

3

captainsim...ft.cfg

windows7-x64

3

captainsim...ft.cfg

windows10-2004-x64

3

captainsim...on.flt

windows7-x64

3

captainsim...on.flt

windows10-2004-x64

3

captainsim...as.cfg

windows7-x64

3

captainsim...as.cfg

windows10-2004-x64

3

captainsim...mb.flt

windows7-x64

3

captainsim...mb.flt

windows10-2004-x64

3

captainsim...es.cfg

windows7-x64

3

captainsim...es.cfg

windows10-2004-x64

3

captainsim...al.flt

windows7-x64

3

captainsim...al.flt

windows10-2004-x64

3

captainsim...el.cfg

windows7-x64

3

captainsim...el.cfg

windows10-2004-x64

3

captainsim...ay.cfg

windows7-x64

3

captainsim...ay.cfg

windows10-2004-x64

3

captainsim...04.bin

windows7-x64

3

captainsim...04.bin

windows10-2004-x64

3

captainsim...4.gltf

windows7-x64

3

captainsim...4.gltf

windows10-2004-x64

3

captainsim...04.xml

windows7-x64

3

captainsim...04.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/09/2024, 17:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    captainsim-aircraft-m774/SimObjects/Airplanes/CS_B777F_GE110B1/flight_model.cfg

  • Size

    34KB

  • MD5

    ad8b4bec66951cfef70f37418ade14c9

  • SHA1

    6c2edcd11f9674d5317183ec64c6dfb75e2df8e7

  • SHA256

    b56abe33cb23cf5aea0c7f63a40078b2977ce445b815ddf10219b7a93bcefdca

  • SHA512

    4bbbe6f04d45b15155a6e6190aea14b3e4b560bcd842a73eb16f23e3cc234a7d8e95c09d5003d3fdcb176d21cb1e32293782105020015797f0afb78a5cb42947

  • SSDEEP

    384:jJxlDhtm7rk6lf7n1ftDzqTQ50BcZmGtW3EPJEzMLlIV+hYFfxLE:BDDCrk6lfz1lDzqTRGtME1LlJYlxLE

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\captainsim-aircraft-m774\SimObjects\Airplanes\CS_B777F_GE110B1\flight_model.cfg
    1⤵
    • Modifies registry class
    PID:3696
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:916

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads