Overview

overview

10

Static

static

3

MultiHack v1.7.zip

windows11-21h2-x64

1

MultiHack ...er.exe

windows11-21h2-x64

10

MultiHack ...ME.txt

windows11-21h2-x64

3

MultiHack ...vm.cfg

windows11-21h2-x64

3

MultiHack ...sy.txt

windows11-21h2-x64

3

MultiHack ...ap.txt

windows11-21h2-x64

3

MultiHack ...ns.txt

windows11-21h2-x64

3

MultiHack ...st.txt

windows11-21h2-x64

3

MultiHack ...ts.txt

windows11-21h2-x64

3

MultiHack ...ds.txt

windows11-21h2-x64

3

MultiHack ...nu.txt

windows11-21h2-x64

3

MultiHack ...ns.txt

windows11-21h2-x64

3

MultiHack ...ts.txt

windows11-21h2-x64

3

MultiHack ...ut.txt

windows11-21h2-x64

3

MultiHack ...da.txt

windows11-21h2-x64

3

MultiHack ...le.txt

windows11-21h2-x64

3

MultiHack ...ot.txt

windows11-21h2-x64

3

MultiHack ...ns.txt

windows11-21h2-x64

3

MultiHack ...es.txt

windows11-21h2-x64

3

MultiHack ...fo.txt

windows11-21h2-x64

3

MultiHack ...ns.txt

windows11-21h2-x64

3

MultiHack ...ts.dsp

windows11-21h2-x64

3

MultiHack ...ns.txt

windows11-21h2-x64

3

MultiHack ...st.txt

windows11-21h2-x64

3

MultiHack ...re.txt

windows11-21h2-x64

3

MultiHack ...ns.txt

windows11-21h2-x64

3

MultiHack ...ns.txt

windows11-21h2-x64

3

MultiHack ...ns.txt

windows11-21h2-x64

3

MultiHack ...ta.txt

windows11-21h2-x64

3

MultiHack ...es.txt

windows11-21h2-x64

3

MultiHack ...er.ini

windows11-21h2-x64

3

MultiHack ...al.dll

windows11-21h2-x64

1

Resubmissions

21/01/2025, 08:24

250121-ka7wnavmhr 10

12/06/2024, 04:32

240612-e6ft6a1cmr 10

Analysis

  • max time kernel
    91s
  • max time network
    95s
  • platform
    windows11-21h2_x64
  • resource
    win11-20241007-en
  • resource tags

    arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    21/01/2025, 08:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    MultiHack v1.7/scripts/damagecutout.txt

  • Size

    22KB

  • MD5

    e64857cf92b6565dab38838a2e92ea67

  • SHA1

    c74ea6e46de465f5f4dc62af831fe83d8d49c6c8

  • SHA256

    fd31b2f7d9d0fcacf36a14ab0791f3db99d4c6d3474f03301acbefc4543d379c

  • SHA512

    bd2cc635efa539f6307d83cb6e5960ba214f328e3530ca9e24d63fd9b666f38577d7c2a8eb32668099e9859010ffcf1391a04ee541be66c8be134d9678c9dc9b

  • SSDEEP

    192:Yg5r9O4uGiNKptEDATB0zdEiA4ZVSLBTolbobpn:Yg6G+ATB0z5AgGBThbpn

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\MultiHack v1.7\scripts\damagecutout.txt"
    1⤵
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:4628
    • C:\Windows\system32\NOTEPAD.EXE
      "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\MultiHack v1.7\scripts\damagecutout.txt
      2⤵
        PID:3792

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads