Resubmissions

08/10/2024, 19:32

241008-x888laxhnl 3

08/10/2024, 19:25

241008-x5frwa1elb 3

08/10/2024, 19:20

241008-x2ck2swhrn 3

08/10/2024, 19:13

241008-xxdybazerf 3

08/10/2024, 19:06

241008-xsfakszarh 3

08/10/2024, 19:00

241008-xnsecayelh 3

08/10/2024, 18:52

241008-xh46ysxhja 3

06/10/2024, 15:29

241006-swvr8avhlb 3

06/10/2024, 15:11

241006-skkswavcrh 3

Analysis

  • max time kernel
    983s
  • max time network
    1054s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/10/2024, 15:29

General

  • Target

    índice.jpg

  • Size

    8KB

  • MD5

    c2e4a60fc3c9a11763c70861d75b22b2

  • SHA1

    66b6246393134f739fbb968c57d9b350e70c627a

  • SHA256

    216dddc94fc57f91e57f7705ae1f3b5d11da33dddf82380c4d7583e8e6f6b7cb

  • SHA512

    df1078767c2a5dfcf44098c4b1b7ddbb8433cbfe48004f7be2713b1a89c51f34c27958c12caad6c266751c0b20c092bf5a90ccf2579f7cae9a02cf08656fda22

  • SSDEEP

    192:cbHewjmpO47w3STW3Gd03o+aKAOCEEUOjj7a8h2:cCwiexWd06KAOCmOxh2

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\índice.jpg
    • Suspicious use of FindShellTrayWindow
    PID:2828
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1936 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:2
    PID:2412
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --mojo-platform-channel-handle=3196 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:772
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3472 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:2216
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3592 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:1052
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2720 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:2360
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --mojo-platform-channel-handle=3712 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:1972
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --mojo-platform-channel-handle=1516 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:3020
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1308 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:2132
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --mojo-platform-channel-handle=2700 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:2436
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --mojo-platform-channel-handle=692 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:1548
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=2024 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:2576
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1900 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:2940
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --mojo-platform-channel-handle=1052 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:3044
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3888 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:1204
  • C:\Windows\system32\AUDIODG.EXE
    C:\Windows\system32\AUDIODG.EXE 0x468
    • Suspicious use of AdjustPrivilegeToken
    PID:684
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --mojo-platform-channel-handle=896 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:1452
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --mojo-platform-channel-handle=864 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:2372
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --mojo-platform-channel-handle=1316 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:2100
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2636 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:2580
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --mojo-platform-channel-handle=2248 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:1968
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --mojo-platform-channel-handle=3776 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:2904
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4264 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:1556
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4388 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:2204
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:8
    PID:2540
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --mojo-platform-channel-handle=4464 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:2244
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --mojo-platform-channel-handle=3612 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:2456
  • C:\Program Files\Google\Chrome\Application\chrome.exe
    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=32 --mojo-platform-channel-handle=4488 --field-trial-handle=1548,i,635103844336012182,11525749995217372850,131072 /prefetch:1
    PID:2960

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2828-0-0x0000000000420000-0x0000000000421000-memory.dmp

    Filesize

    4KB