Analysis
max time kernel
100s
max time network
145s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241023-en
resource tags
arch:x64 arch:x86 image:win10ltsc2021-20241023-en locale:en-us os:windows10-ltsc 2021-x64 system
submitted
04-12-2024 13:22
Behavioral task
behavioral1
Sample
niggers.exe
Resource
win10ltsc2021-20241023-en
ammyyadmin asyncrat lumma metasploit modiloader neshta njrat quasar ta505 xmrig xworm default office04 sgvp backdoor credential_access defense_evasion discovery evasion execution miner persistence privilege_escalation pyinstaller rat spyware stealer themida trojan upx vmprotect
windows10-ltsc 2021-x64
66 signatures
150 seconds
Behavioral task
behavioral2
Sample
take3.pyc
Resource
win10ltsc2021-20241023-en
windows10-ltsc 2021-x64
3 signatures
150 seconds
General
Target
take3.pyc
Size
5KB
MD5
4a9013e03843a3c5549540fa2dffd97c
SHA1
642b3d516cce79edfcc4881ebf8c142615a25b38
SHA256
2dbcec9abf205c40869539313ee711323d62f442181f5d3eeceb8ecb6130c3b7
SHA512
8212bdc9cff937ded41a2f5c666a6755b39841cdb3316ba9abc08f32a6f356d01e21ce1d75007ea8240082c950f59f6ccc07b4eacaa15008fe074bc1bd1874dd
SSDEEP
96:D9sxJIAI8lQAcPTwt0Ss3NYQfmkaHiiHj2xWhp5EJp:hsxJIAI8GHPNLVA92Op5O
Score
3/10
Malware Config
Signatures
Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).
Modifies registry class (2 IoCs)
Processes: cmd.exe, OpenWith.exe
description | ioc | process
Key created | \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings | cmd.exe
Key created | \REGISTRY\USER\S-1-5-21-3785588363-1079601362-4184885025-1000_Classes\Local Settings | OpenWith.exe
Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: OpenWith.exe
pid | process
1800 | OpenWith.exe