Overview

overview

10

Static

static

3

JournalTrace.exe

windows11-21h2-x64

10

Stub.pyc

windows11-21h2-x64

3

Resubmissions

05-11-2024 01:39

241105-b26m8s1ley 10

03-11-2024 02:45

241103-c8vpzsshmp 10

03-11-2024 00:32

241103-avwn1sspgk 10

Analysis

  • max time kernel
    7s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    05-11-2024 01:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Stub.pyc

  • Size

    874KB

  • MD5

    aea03653dbd22c9c73f07846d02c1a6b

  • SHA1

    16a669d1aff370faf923d76c9d4db263baa67ee5

  • SHA256

    c7e424f1940b0cbc69eb2c25a0907590a96d7185e87194a0d23a372502b19f1d

  • SHA512

    efd71eca998a402e03aff29664dc7352930f77b71f00264e82cb1ecec562b292c38026b5197f2248cc9b04e6e6b972340750dc12a89a74e7265575d3079be846

  • SSDEEP

    12288:kAW+/bNKcO60e4xCggDijVYPc8/SAx0LQGWRV8UIsReSTVhb+lod9koSYG:k8RsKwcijt8/A83IXy9kz

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Stub.pyc
    1⤵
    • Modifies registry class
    PID:3324
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3504

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads