Overview

overview

3

Static

static

1

IMG_1034.png

windows7-x64

3

IMG_1034.png

windows10-2004-x64

3

Resubmissions

23-11-2024 00:00

241123-aah77asngx 4

22-11-2024 22:59

241122-2ymzts1phv 3

Analysis

  • max time kernel
    354s
  • max time network
    355s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    22-11-2024 22:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IMG_1034.png

  • Size

    57KB

  • MD5

    2fa3a6aebad63bce2747f8d8f6070035

  • SHA1

    a604ca1b889ed26529932638adc1dd904a6216ca

  • SHA256

    d22893a49e8de2799d195b7a8edaf30c7dad61b5ceb1f2f64387daf3e122b168

  • SHA512

    c9143afebad29305502e27d4ad4206604ff5358a95b4627749972c71a621081e520e48ce663d02550b198e7c283b0a40b704444687dfeff9943d95f2e7d85b90

  • SSDEEP

    1536:OcMrREhZDDJfULCrwmplvzhwPPhXgUliBp7Q+61rv4AE:XMO31OIrrz4RgaKp7Q+kv+

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\IMG_1034.png
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:2224

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2224-0-0x00000000001A0000-0x00000000001A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2224-1-0x00000000001A0000-0x00000000001A1000-memory.dmp

    Filesize

    4KB

    Download