Analysis
max time kernel
315s
max time network
316s
platform
windows7_x64
resource
win7-20241023-en
resource tags
arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
submitted
07-01-2025 22:22
Static task
static1
Behavioral task
behavioral1
Sample
MANAGER.png
Resource
win7-20241023-en
windows7-x64
3 signatures
900 seconds
Behavioral task
behavioral2
Sample
MANAGER.png
Resource
win10v2004-20241007-en
crimsonrat, darkcomet, microsoft, defense_evasion, discovery, evasion, persistence, phishing, product:outlook, rat, trojan
windows10-2004-x64
34 signatures
900 seconds
General
Target
MANAGER.png
Size
18KB
MD5
89cb162b4039b50ffe94ed6b9a53091e
SHA1
2e57314c0c54f603cf14174e69c4c0290475131f
SHA256
aac33c5a4fe15b0f450b07c2a2f063a9602e187c4bf469c72e1d6bd15b759bd5
SHA512
6ee871370725d9737f60a900bf72f899d92726eaf8887c850d42a6766754efd4ec491c6ec81b9b2cbc381e9575989bce4e8242d4da8a0b9ba72659e379068349
SSDEEP
384:nlkpztbqXKqS51cSWzOGsHcFM+Wwtb2Jh+hif3DbV:l4ztbqXKqS5OIGVqXL+hif3PV
Score
3/10
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process
2116 rundll32.exe
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process
2116 rundll32.exe
2116 rundll32.exe