Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
  • submitted
    21-12-2024 15:01

General

  • Target

    BasicAvatarGenerator-2.4.0/.gitignore

  • Size

    6KB

  • MD5

    57665f54628dcd9973cc0548b575702e

  • SHA1

    a0f6ac0075087a73b9ada731ff59af33925b414a

  • SHA256

    8aac631b965149a5f9eb2f13a202489cde52b00ca9c37ee575b32a7b8c70a62c

  • SHA512

    ece91b1f690d198fc47a4c16d4f4a9edab9f17559a41de7a8cff26eadf0e74f3d2e5b27d5b9b0bb1dacb49db69a02c138bdab7b69cfcfa21e9f0614c7385928a

  • SSDEEP

    96:lvZQRlP+CWIR053ssPzcJU+KlMUBFANVCSJLO+JVFwygBZfOXUss3xz4BjvAkCvB:lGRPWIR0V/NKAxSA+JwhZETAkCvB

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Modifies registry class 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\BasicAvatarGenerator-2.4.0\.gitignore
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2036
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\BasicAvatarGenerator-2.4.0\.gitignore
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2532
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\BasicAvatarGenerator-2.4.0\.gitignore"
        3⤵
        • System Location Discovery: System Language Discovery
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:1848
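The process tree above is the whole story of this run: the sandbox launched the sample with `cmd /c`, the shell found no handler for the `.gitignore` extension and fell through to the "Open With" dialog (`rundll32 shell32.dll,OpenAs_RunDLL`), and Adobe Reader was picked as the viewer. Every flagged signature belongs to one of those three processes, not to the submitted file, which never runs as code. The helper below is an added triage example, not part of the sandbox report or its tooling; it transcribes the tree and signature list from the report (parent PIDs are assumed from the tree nesting) and classifies the run so a reviewer can tell an "Open With" detour from a real execution chain.

```python
"""Triage helper for a sandbox process tree of a non-executable sample.

Added example, not part of the sandbox report. Process entries and signatures
below are transcribed from the report above; the parent-PID links are assumed
from the indentation of the tree (1 -> 2 -> 3).
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Proc:
    pid: int
    ppid: Optional[int]
    image: str
    cmdline: str


SAMPLE_PATH = r"C:\Users\Admin\AppData\Local\Temp\BasicAvatarGenerator-2.4.0\.gitignore"

# Constructed from the report's "Processes" section.
PROCS: List[Proc] = [
    Proc(2036, None, r"C:\Windows\system32\cmd.exe", "cmd /c " + SAMPLE_PATH),
    Proc(2532, 2036, r"C:\Windows\system32\rundll32.exe",
         r'"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL '
         + SAMPLE_PATH),
    Proc(1848, 2532, r"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe",
         r'"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "' + SAMPLE_PATH + '"'),
]

# (pid, signature) pairs constructed from the per-process bullets in the report.
SIGNATURES = [
    (2036, "Suspicious use of WriteProcessMemory"),
    (2532, "Modifies registry class"),
    (2532, "Suspicious use of WriteProcessMemory"),
    (1848, "System Location Discovery: System Language Discovery"),
    (1848, "Suspicious behavior: GetForegroundWindowSpam"),
    (1848, "Suspicious use of SetWindowsHookEx"),
]

# The shell's "Open With" dialog entry point in shell32.dll.
OPENAS_RE = re.compile(r"shell32\.dll,\s*OpenAs_RunDLL", re.IGNORECASE)


def chain_for(procs: List[Proc], pid: int) -> List[Proc]:
    """Return the ancestor chain [root, ..., process] for the given PID."""
    by_pid = {p.pid: p for p in procs}
    chain: List[Proc] = []
    cur = by_pid.get(pid)
    while cur is not None:
        chain.append(cur)
        cur = by_pid.get(cur.ppid) if cur.ppid is not None else None
    return list(reversed(chain))


def attribute_signatures(procs: List[Proc], sigs) -> Dict[str, List[str]]:
    """Map each process image basename to the signatures raised on it."""
    by_pid = {p.pid: p for p in procs}
    out: Dict[str, List[str]] = {}
    for pid, sig in sigs:
        name = by_pid[pid].image.rsplit("\\", 1)[-1]
        out.setdefault(name, []).append(sig)
    return out


def classify(procs: List[Proc], sample_path: str) -> Dict[str, object]:
    """Decide whether the sample ran as code or was only handed to a viewer."""
    wanted = sample_path.lower()
    # Processes whose command line references the sample at all.
    refs = [p for p in procs if wanted in p.cmdline.lower()]
    # The sample itself executing would show up as a process image.
    executed = [p for p in refs if p.image.lower() == wanted]
    # "Open With" dialog instances that were asked to handle the sample.
    openas = [p for p in refs if OPENAS_RE.search(p.cmdline)]
    # Whatever the dialog spawned is the user-chosen viewer, not the sample.
    viewers = [p for p in procs if p.ppid in {o.pid for o in openas}]
    if executed:
        verdict = "sample executed as a process image"
    elif openas:
        verdict = "sample never ran; it was passed to the Open With dialog and a viewer"
    else:
        verdict = "sample not referenced by any process"
    return {
        "executed_natively": bool(executed),
        "open_with_dialog": bool(openas),
        "viewer": viewers[0].image if viewers else None,
        "verdict": verdict,
    }


if __name__ == "__main__":
    result = classify(PROCS, SAMPLE_PATH)
    print(result["verdict"])
    for image, sigs in attribute_signatures(PROCS, SIGNATURES).items():
        print(f"{image}: {', '.join(sigs)}")
```

Run against the transcribed tree, the verdict is that the file never executed and the `SetWindowsHookEx`, `GetForegroundWindowSpam` and language-discovery hits all sit on `AcroRd32.exe`, which is the usual noise from a document viewer starting up and is why a score this low should be read as "no behaviour observed from the sample" rather than "mildly suspicious sample".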

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0a58da98a0ad76debdc44338c03a9428

    SHA1

    4dd316399813b0902a10f27afeca925c5a85dec3

    SHA256

    e294513f4ed8d3aea5d2d288e53b018c917e98a10c01bfe261431fe489869f70

    SHA512

    f97c295d2eccfdaceeda23d81f798abda4d30efc89a3cc92932b04800f5fc43ad0942226ef5936b660763ee94b307312b459069af0d0016cdbb14634c4d5a1f4