250dd49463bef0ec8fd03d4d1311a001ddccd84b47a01b2b74624f5e9c794b0f

Submit
Reports

Overview

overview

Static

static

Nowy folder.rar

windows10-2004-x64

Nowy folde...eta.db

windows10-2004-x64

Nowy folde...s.json

windows10-2004-x64

Nowy folde...ata.db

windows10-2004-x64

Nowy folde...states

windows10-2004-x64

Nowy folde...update

windows10-2004-x64

Nowy folde...ab.csv

windows10-2004-x64

Nowy folde...ab.txt

windows10-2004-x64

Nowy folde...am.csv

windows10-2004-x64

Nowy folde...am.txt

windows10-2004-x64

Nowy folde...ui.csv

windows10-2004-x64

Nowy folde...ui.txt

windows10-2004-x64

Nowy folde...36.csv

windows10-2004-x64

Nowy folde...36.txt

windows10-2004-x64

Nowy folde...elease

windows10-2004-x64

Nowy folde...ckages

windows10-2004-x64

Nowy folde...elease

windows10-2004-x64

Nowy folde...ckages

windows10-2004-x64

Nowy folde...ckages

windows10-2004-x64

Nowy folde...d.pkla

windows10-2004-x64

Nowy folde...ERSION

windows10-2004-x64

Nowy folde.../1/112

windows10-2004-x64

Nowy folde.../1/113

windows10-2004-x64

Nowy folde...1/1247

windows10-2004-x64

Nowy folde...47_fsm

windows10-2004-x64

Nowy folde...247_vm

windows10-2004-x64

Nowy folde...1/1249

windows10-2004-x64

Nowy folde...49_fsm

windows10-2004-x64

Nowy folde...249_vm

windows10-2004-x64

Nowy folde...1/1255

windows10-2004-x64

Nowy folde...55_fsm

windows10-2004-x64

Nowy folde...255_vm

windows10-2004-x64

Analysis

max time kernel
143s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2024 19:54

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Nowy folder.rar

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Nowy folder/apt/emacsen-common/docker/containerd/daemon/io.containerd.metadata.v1.bolt/meta.db

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

Nowy folder/apt/emacsen-common/docker/image/overlay2/repositories.json

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

Nowy folder/apt/emacsen-common/docker/volumes/metadata.db

Resource

win10v2004-20241007-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

Nowy folder/apt/extended_states

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

Nowy folder/apt/ieee-data/.lastupdate

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral7

Sample

Nowy folder/apt/ieee-data/iab.csv

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

Nowy folder/apt/ieee-data/iab.txt

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Nowy folder/apt/ieee-data/mam.csv

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral10

Sample

Nowy folder/apt/ieee-data/mam.txt

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Nowy folder/apt/ieee-data/oui.csv

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral12

Sample

Nowy folder/apt/ieee-data/oui.txt

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Nowy folder/apt/ieee-data/oui36.csv

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral14

Sample

Nowy folder/apt/ieee-data/oui36.txt

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

Nowy folder/apt/lists/deb.i2p2.no_dists_unstable_inrelease

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

Nowy folder/apt/lists/deb.i2p2.no_dists_unstable_main_binary-amd64_packages

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

Nowy folder/apt/lists/http.kali.org_kali_dists_kali-rolling_inrelease

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral18

Sample

Nowy folder/apt/lists/http.kali.org_kali_dists_kali-rolling_contrib_binary-amd64_packages

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral19

Sample

Nowy folder/apt/lists/http.kali.org_kali_dists_kali-rolling_non-free_binary-amd64_packages

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

Nowy folder/apt/polkit-1/localauthority/10-vendor.d/systemd-networkd.pkla

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

Nowy folder/apt/postgresql/13/main/PG_VERSION

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

Nowy folder/apt/postgresql/13/main/base/1/112

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

Nowy folder/apt/postgresql/13/main/base/1/113

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

Nowy folder/apt/postgresql/13/main/base/1/1247

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

Nowy folder/apt/postgresql/13/main/base/1/1247_fsm

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Nowy folder/apt/postgresql/13/main/base/1/1247_vm

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

Nowy folder/apt/postgresql/13/main/base/1/1249

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Nowy folder/apt/postgresql/13/main/base/1/1249_fsm

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Nowy folder/apt/postgresql/13/main/base/1/1249_vm

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

Nowy folder/apt/postgresql/13/main/base/1/1255

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

Nowy folder/apt/postgresql/13/main/base/1/1255_fsm

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Nowy folder/apt/postgresql/13/main/base/1/1255_vm

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

Nowy folder/apt/ieee-data/.lastupdate
Size

32B
MD5

6b3b7572bc2cf2ae808a025bd23d4cd9
SHA1

e2ee073ce863c54cc38b56fbee3bede352479e0f
SHA256

2ef215ec15c4ef65d102d547c2fc3012b16b66a17b1140b00a1cd82ca600273d
SHA512

f3dfe12b696f48edcf99bd8f9b3653d21e4586178236f6a8cc3e1b904a3afd5be2c69c7c1ec05182daa077a204b1c8592e08c3ec15dd800959e0b7553779ba30

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-2878641211-696417878-3864914810-1000_Classes\Local Settings	OpenWith.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4184	OpenWith.exe

Processes

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\Nowy folder\apt\ieee-data\.lastupdate"
1⤵
- Modifies registry class
PID:2132

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4184

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads