Overview

overview

3

Static

static

1

img12.jpg

windows7-x64

3

Resubmissions

01-12-2024 15:28

241201-swsb4ayrhk 1

01-12-2024 15:28

241201-swgklayrgp 3

01-12-2024 15:26

241201-sva2esvlb1 5

01-12-2024 15:24

241201-ss3nnavkgz 5

01-12-2024 15:22

241201-sr2d7syqgq 10

01-12-2024 15:21

241201-srh8mavkdx 3

01-12-2024 15:17

241201-sn1cqsvjhy 3

Analysis

  • max time kernel
    359s
  • max time network
    360s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    01-12-2024 15:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    img12.jpg

  • Size

    121KB

  • MD5

    5d28177027ff3505cac5faf30f3fce1c

  • SHA1

    f5344740e5814ad7b09c27723798a7b283597d98

  • SHA256

    c7e0b5d2f1fc049601bab9697108bb03bf9b8643a7d741f4cd6332931cf0457c

  • SHA512

    7143044d73e10281f1d3c0979c1daa0e6ae796edc3a56dd998a1d630c41d700d3d9af742c94d2b4b61a055d56a1203328819086c29c1038e58a495af1a4cc51d

  • SSDEEP

    3072:zha4q4WMs9qabD0BWweOhHfgT3wdnjejF6I:da45W1qQD0BReOhYjyCjF5

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\img12.jpg
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:1044

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1044-0-0x0000000000410000-0x0000000000411000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1044-1-0x0000000000410000-0x0000000000411000-memory.dmp

    Filesize

    4KB

    Download