Analysis

  • max time kernel
    315s
  • max time network
    316s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    07-01-2025 22:22

General

  • Target

    MANAGER.png

  • Size

    18KB

  • MD5

    89cb162b4039b50ffe94ed6b9a53091e

  • SHA1

    2e57314c0c54f603cf14174e69c4c0290475131f

  • SHA256

    aac33c5a4fe15b0f450b07c2a2f063a9602e187c4bf469c72e1d6bd15b759bd5

  • SHA512

    6ee871370725d9737f60a900bf72f899d92726eaf8887c850d42a6766754efd4ec491c6ec81b9b2cbc381e9575989bce4e8242d4da8a0b9ba72659e379068349

  • SSDEEP

    384:nlkpztbqXKqS51cSWzOGsHcFM+Wwtb2Jh+hif3DbV:l4ztbqXKqS5OIGVqXL+hif3PV

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\MANAGER.png
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:2116

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2116-0-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

  • memory/2116-1-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB