Overview

overview

7

Static

static

3

d49877b56e...78.exe

windows7-x64

7

d49877b56e...78.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/dxwebsetup.exe

windows7-x64

7

$TEMP/dxwebsetup.exe

windows10-2004-x64

7

7za.exe

windows7-x64

3

7za.exe

windows10-2004-x64

3

ClassLibrary1.dll

windows7-x64

3

ClassLibrary1.dll

windows10-2004-x64

3

nbswave/__init__.pyc

windows7-x64

3

nbswave/__init__.pyc

windows10-2004-x64

3

nbswave/audio.pyc

windows7-x64

3

nbswave/audio.pyc

windows10-2004-x64

3

nbswave/main.pyc

windows7-x64

3

nbswave/main.pyc

windows10-2004-x64

3

nbswave/nbs.pyc

windows7-x64

3

nbswave/nbs.pyc

windows10-2004-x64

3

pydub/__init__.pyc

windows7-x64

3

pydub/__init__.pyc

windows10-2004-x64

3

pydub/audi...nt.pyc

windows7-x64

3

pydub/audi...nt.pyc

windows10-2004-x64

3

pydub/effects.pyc

windows7-x64

3

pydub/effects.pyc

windows10-2004-x64

3

pydub/exceptions.pyc

windows7-x64

3

pydub/exceptions.pyc

windows10-2004-x64

3

pydub/generators.pyc

windows7-x64

3

pydub/generators.pyc

windows10-2004-x64

3

pydub/logg...ls.pyc

windows7-x64

3

pydub/logg...ls.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    92s
  • max time network
    94s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/10/2024, 02:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    pydub/__init__.pyc

  • Size

    182B

  • MD5

    24a342e1e9bee423259b9d5bfb928e40

  • SHA1

    51593bbec99baae53b877a455998d2c938126fe1

  • SHA256

    d622f85f16e66bbdc26e9c72b6ce3d9461c3d7ca771c83335e3663557bde3c8c

  • SHA512

    50ac0000bdd32233bc7bf70dc749d998667aaf6c7f5db5f91705be7b28b1f960c75b18cfd2d0fb6057b48e30d9e252771656d58f8b81458b90a4cc3a227474b7

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\pydub\__init__.pyc
    1⤵
    • Modifies registry class
    PID:3160
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:224

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads