Overview

overview

7

Static

static

3

Debug/Micr...es.xml

windows7-x64

3

Debug/Micr...es.xml

windows10-2004-x64

1

Debug/Mona...xclude

windows7-x64

1

Debug/Mona...xclude

windows10-2004-x64

1

Debug/Mona...ar.ttf

windows7-x64

4

Debug/Mona...ar.ttf

windows10-2004-x64

7

Debug/Mona....woff2

windows7-x64

3

Debug/Mona....woff2

windows10-2004-x64

3

Debug/Mona...on.ttf

windows7-x64

4

Debug/Mona...on.ttf

windows10-2004-x64

7

Debug/Nexa..._1.zip

windows7-x64

1

Debug/Nexa..._1.zip

windows10-2004-x64

1

Debug/Nexa..._1.zip

windows7-x64

1

Debug/Nexa..._1.zip

windows10-2004-x64

1

Debug/Nexa..._1.zip

windows7-x64

1

Debug/Nexa..._1.zip

windows10-2004-x64

1

Debug/Nexa..._1.zip

windows7-x64

1

Debug/Nexa..._1.zip

windows10-2004-x64

1

Debug/Nexa..._1.zip

windows7-x64

1

Debug/Nexa..._1.zip

windows10-2004-x64

1

Debug/Nexa...s.json

windows7-x64

3

Debug/Nexa...s.json

windows10-2004-x64

3

Debug/Nexa...af.hyb

windows7-x64

3

Debug/Nexa...af.hyb

windows10-2004-x64

3

Debug/Nexa...as.hyb

windows7-x64

3

Debug/Nexa...as.hyb

windows10-2004-x64

3

Debug/Nexa...be.hyb

windows7-x64

3

Debug/Nexa...be.hyb

windows10-2004-x64

3

Debug/Nexa...bg.hyb

windows7-x64

3

Debug/Nexa...bg.hyb

windows10-2004-x64

3

Debug/Nexa...bn.hyb

windows7-x64

3

Debug/Nexa...bn.hyb

windows10-2004-x64

3

Analysis

  • max time kernel
    146s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    09-12-2024 23:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Debug/Monaco/vs/base/browser/ui/codicons/codicon/codicon.ttf

  • Size

    69KB

  • MD5

    a1cef3d530e1adb0f52b2f62994a2aca

  • SHA1

    074579894ad91265941fbce44d2b41c863797cf6

  • SHA256

    4946e7465803ccab735800d9236f188c2200d28b395e77727e9aa0baa443b87a

  • SHA512

    423656417849bddd0f7bf01138d9de54b334fc0ca64f28c5d679f66e38f5bc3c601a0faa166734cde4c2ec1e56983c36ceabdb3265c414fc40a7ee3798ede52d

  • SSDEEP

    1536:ex5Ez/D8G5dlHwkP/7BzekxVL7/b/SS0/hczE00phJgZExGk:ex5Ez/D84HwKxemVHbKSm+zEXHJMrk

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 13 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\base\browser\ui\codicons\codicon\codicon.ttf
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2840
    • C:\Windows\System32\fontview.exe
      "C:\Windows\System32\fontview.exe" C:\Users\Admin\AppData\Local\Temp\Debug\Monaco\vs\base\browser\ui\codicons\codicon\codicon.ttf
      2⤵
      • Drops file in Windows directory
      PID:2616

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\Fonts\codicon_0.ttf
    Filesize

    69KB

    MD5

    a1cef3d530e1adb0f52b2f62994a2aca

    SHA1

    074579894ad91265941fbce44d2b41c863797cf6

    SHA256

    4946e7465803ccab735800d9236f188c2200d28b395e77727e9aa0baa443b87a

    SHA512

    423656417849bddd0f7bf01138d9de54b334fc0ca64f28c5d679f66e38f5bc3c601a0faa166734cde4c2ec1e56983c36ceabdb3265c414fc40a7ee3798ede52d

    Download Submit

  • memory/2616-26-0x0000000000270000-0x0000000000271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2616-31-0x0000000000270000-0x0000000000271000-memory.dmp

    Filesize

    4KB

    Download