Overview

overview

10

Static

static

10

riptweakcracked.7z

windows7-x64

7

riptweakcracked.7z

windows10-2004-x64

1

riptweakcr...nt.pak

windows7-x64

3

riptweakcr...nt.pak

windows10-2004-x64

3

riptweakcr...nt.pak

windows7-x64

3

riptweakcr...nt.pak

windows10-2004-x64

3

riptweakcr...tl.dat

windows7-x64

3

riptweakcr...tl.dat

windows10-2004-x64

3

riptweakcr...af.pak

windows7-x64

3

riptweakcr...af.pak

windows10-2004-x64

3

riptweakcr...am.pak

windows7-x64

3

riptweakcr...am.pak

windows10-2004-x64

3

riptweakcr...ar.pak

windows7-x64

3

riptweakcr...ar.pak

windows10-2004-x64

3

riptweakcr...bg.pak

windows7-x64

3

riptweakcr...bg.pak

windows10-2004-x64

3

riptweakcr...bn.pak

windows7-x64

3

riptweakcr...bn.pak

windows10-2004-x64

3

riptweakcr...ca.pak

windows7-x64

3

riptweakcr...ca.pak

windows10-2004-x64

3

riptweakcr...cs.pak

windows7-x64

3

riptweakcr...cs.pak

windows10-2004-x64

3

riptweakcr...da.pak

windows7-x64

3

riptweakcr...da.pak

windows10-2004-x64

3

riptweakcr...de.pak

windows7-x64

3

riptweakcr...de.pak

windows10-2004-x64

3

riptweakcr...el.pak

windows7-x64

3

riptweakcr...el.pak

windows10-2004-x64

3

riptweakcr...GB.pak

windows7-x64

3

riptweakcr...GB.pak

windows10-2004-x64

3

riptweakcr...US.pak

windows7-x64

3

riptweakcr...US.pak

windows10-2004-x64

3

Analysis

  • max time kernel
    1781s
  • max time network
    1821s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2024, 17:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    riptweakcracked/locales/el.pak

  • Size

    249KB

  • MD5

    7dca85c1719f09ec9b823d3dd33f855e

  • SHA1

    4812cb8d5d5081fcc79dbde686964d364bc1627e

  • SHA256

    82b3fbbdc73f76eaea8595f8587651e12a5f5f73f27badbc7283af9b7072818c

  • SHA512

    8cb43c80654120c59da83efb5b939f762df4d55f4e33a407d1be08e885f3a19527ed0078ab512077604eb73c9c744c86ec1a3373b95d7598bf3835ad9f929d67

  • SSDEEP

    6144:ALKSCi5b9F/kDuKxYxbt5I6ROl3+pSb3//zFMeF+fx2hlA66rOw5YlXSWzG:VSCi5b9F/kDuKxYxbt5I6ROl3+pSb3/k

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\riptweakcracked\locales\el.pak
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2772
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\riptweakcracked\locales\el.pak
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2800
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\riptweakcracked\locales\el.pak"
        3⤵
        • System Location Discovery: System Language Discovery
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2720

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    9665278b0939ff3a5f7041133e225ad2

    SHA1

    8282d6beb5af32f9ef066bbd9d3bd43bf5d95452

    SHA256

    5d2645b8e07dff8144c415bf34d8653b4b992db7ba765300b3270f776b6da057

    SHA512

    9eead727a28dade1f55aca3e47260f34c596632728318673208672bdb3185d16cbeaa809ee982a1137cd1bc6cebe8dab7c91549e208b7739ba98f15498d79d43

    Download Submit