Overview

overview

10

Static

static

3

ng-3294823...25.zip

windows7-x64

1

ng-3294823...25.zip

windows10-2004-x64

10

cochlea.torrent

windows7-x64

3

cochlea.torrent

windows10-2004-x64

3

steamerror...er.exe

windows7-x64

10

steamerror...er.exe

windows10-2004-x64

10

tier0_s.dll

windows7-x64

3

tier0_s.dll

windows10-2004-x64

3

vstdlib_s.dll

windows7-x64

3

vstdlib_s.dll

windows10-2004-x64

3

wharf.indd

windows7-x64

3

wharf.indd

windows10-2004-x64

3

Analysis

  • max time kernel
    101s
  • max time network
    204s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2025 16:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cochlea.torrent

  • Size

    55KB

  • MD5

    495344e71846d9e9f55219dd173b8bd8

  • SHA1

    728a127f624ffd35a65e63f9a82c2afe4c622be1

  • SHA256

    4e07702ab4eb53cb3932dea092905b10bdc0299e0b8b3ac98cf7f213f12ad3c5

  • SHA512

    dd77bec78b5b1d457bda9dd4c44175916fce42934a6a30a4bdfe8561ada05ef00aacd05aa366288baa943b3ef2fc7fd6ac1ea5a617d493072e050fd937fc2435

  • SSDEEP

    768:VKMb3EbQLjbSRNol3CRJ3b4DSzm5oPvhqszEIp4SYSxE8li2zGGfDCpZLpywWir2:VSQLj+EkPJqiOQS8phOyUdaqdcAQp

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\cochlea.torrent
    1⤵
    • Modifies registry class
    PID:1280
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:732

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads