Analysis
-
max time kernel
137s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
30/10/2024, 14:21
Static task
static1
Behavioral task
behavioral1
Sample
3.reg
Resource
win7-20240903-en
9 signatures
150 seconds
Behavioral task
behavioral2
Sample
3.reg
Resource
win10v2004-20241007-en
2 signatures
150 seconds
General
-
Target
3.reg
-
Size
582B
-
MD5
d95789a18cf895b23e2ab8516ff9e56a
-
SHA1
b79b3245f4d592cb5ed3037faf0ea2ac33aa686e
-
SHA256
df213e4acfbe3024e83dfc6cf26ceaa9ded1d2289db97a457917ae261c55adf0
-
SHA512
cbe5330e691679b0d9e3dd907eabfb14a5aad5404e15eeab51d40ec0aafd0839a7ea2eff9c9f58d1592b9384844a2b0079debf58331ee577294ce01f8986c425
Score
8/10
Malware Config
Signatures
-
Modify Registry: Disable Windows Driver Blocklist 2 TTPs 1 IoCs
Disable Windows Driver Blocklist via Registry.
description ioc Process Set value (int) \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\CI\Config\VulnerableDriverBlocklistEnable = "0" regedit.exe -
Runs .reg file with regedit 1 IoCs
pid Process 436 regedit.exe