Resubmissions

20/02/2025, 14:15

250220-rkw1gawran 10

Analysis

  • max time kernel
    418s
  • max time network
    454s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250217-en
  • resource tags

    arch:x64, arch:x86, image:win11-20250217-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    20/02/2025, 14:15

General

  • Target

    net8.0-windows10.0.26100.0/Velocity.dll.config

  • Size

    1KB

  • MD5

    5b5d39393c3a7a56b679e5268d04bbd8

  • SHA1

    977311624996250c992dcd1980ec4fb89b8f07b2

  • SHA256

    dc5183d05ba53475ede31db2d07e6ae11974028cf4f8ec73fe80a1bd4f3b25a8

  • SHA512

    ecc3664cdca78f9729b74174e875ea66ab5ab8b94a7e8f620577c1d7fe63b455080e54843861afbb2e5c92969aa084481026cc3962873eeb1b0d017b10e3d51d

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices (1 TTP)

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class (2 IoCs)
  • Suspicious use of SetWindowsHookEx (1 IoC)

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\net8.0-windows10.0.26100.0\Velocity.dll.config
    1⤵
    • Modifies registry class
    PID:956
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:4176

Network

MITRE ATT&CK Enterprise v15
