Analysis
max time kernel: 361s
max time network: 364s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 03-11-2024 16:57

Behavioral task: behavioral1
Sample: DYPCWK.png
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: DYPCWK.png
Resource: win10v2004-20241007-en

Behavioral task: behavioral3
Sample: Sunny Nagra Payroll Increment Bonus And Payroll Sign&Review nfuqdz.pdf
Resource: win7-20240903-en

Behavioral task: behavioral4
Sample: Sunny Nagra Payroll Increment Bonus And Payroll Sign&Review nfuqdz.pdf
Resource: win10v2004-20241007-en

General
Target: DYPCWK.png
Size: 5KB
MD5: 1c41d3c26e794877101ecf1132425d02
SHA1: ddbded8d736130051365aa7ba76353dfdd4f540b
SHA256: 1ec6020730248bd1a9277cb026cf0e0caebff011dec6b4ae8b0bcb4ecf774870
SHA512: 70493ef3e3dd5830746891a2e825647d2721f5d19f7710939d7a30bb50644ee8ad30c7481b4041594122c5637ef87a630db416fba9c8a5c4a098d82a6f2b8f9a
SSDEEP: 96:eq9ceRHijHLT2+guA7B+gRHthVIhD2SRvI+qSMUq7xajvDD8Gq+0M2oWnT:zNRcHLS+guA7BrbVQZBI+qZxajvDAGFs

Malware Config
Signatures

Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Suspicious use of FindShellTrayWindow (1 IoCs)
pid: 2012, process: rundll32.exe