d86a8563804e2bbc440b8666452963c4cf097d9b513f19f83196026aa240d960

Resubmissions

06-01-2025 13:12

250106-qfls9sxlgs 10

06-01-2025 00:48

250106-a5tbmszrcw 10

05-01-2025 23:43

250105-3qj4ms1pal 10

05-01-2025 23:35

250105-3lf67ayphz 10

Analysis

max time kernel
33s
max time network
36s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20241211-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20241211-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
05-01-2025 23:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

source_prepared.pyc
Size

172KB
MD5

c6c42f8a4434eeac1fe78c89d1170eec
SHA1

b5cbcb8501255880c7b7305f5bf1d422f62f8b6b
SHA256

8fd93c67b3b70115a609a08fe0a335343f078db86320a057c61d52dc6e19ca7c
SHA512

5e9dedfab6b9caee28f4b2d5bb418f8bd31e03a5d0896250f9b4d2009cc5df20618c65bc4b708aa037efd7466340d622e6c5416b98c9885178c063f8570ba1e3
SSDEEP

3072:nFfJAC0aOO2LG1VUT/ovPZTerUScdQQV+C/iIvdXzp7sTxw:nwC0aOO2LGM/o0j8SCxse

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-4084745894-3294430273-2212167662-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-4084745894-3294430273-2212167662-1000_Classes\Local Settings	OpenWith.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3576	OpenWith.exe

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\source_prepared.pyc
1⤵
- Modifies registry class
PID:1352

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:3576

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads