Analysis

  • max time kernel
    1799s
  • max time network
    1822s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/11/2024, 17:25

General

  • Target

    riptweakcracked/locales/ca.pak

  • Size

    140KB

  • MD5

    8fc109e240399b85168725bf46d0e512

  • SHA1

    c42c1fc06b2c0e90d393a8ae9cebcdd0030642e5

  • SHA256

    799ac8c1fa9cdd6a0c2e95057c3fc6b54112fe2aebbb1a159d9dac9d1583ca62

  • SHA512

    84a51f291d75b2d60849edbc1958a50cfe2ac288ce716bf4827038b47bd855a65d04ebcef6f92d78e31a27daa63f07772149798740652078e27ec68930ec07dc

  • SSDEEP

    3072:Y1yZNTtAaCcg4H65rKoMVhoVFBL8lmoT69Q1H7O/RjbNO5ufzwXi3Sk75CU/XlH7:72ZcgNoF0O5hXi3Sk75CU/XdFtXfjt+O

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\riptweakcracked\locales\ca.pak
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2340
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\riptweakcracked\locales\ca.pak
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:828
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\riptweakcracked\locales\ca.pak"
        3⤵
        • System Location Discovery: System Language Discovery
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2696

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    42fed03cc5735dfec1695c86bafd1486

    SHA1

    45d63b7ed172eebbd911a16806221314f34940c0

    SHA256

    dfe54fcc87f206ecb061709c9f4e84da9b9262fa93377e484902202fa44bd8e2

    SHA512

    4a34a5c7c8185b807536bd38ab8f3adf2a25e04b2851bb1873f35e26d8999e092d94b70c05a7e3fb22d9c3c3fa46b5080eb5f44b7b91c9107f1553308d26fe94