90b37e700b2fbbf88391345f632c94759503a0ed672b92606feffdc21318ad85

Resubmissions

11/03/2025, 01:41

250311-b4hzyswlx2 10

Analysis

max time kernel
111s
max time network
146s
platform
windows10-ltsc 2021_x64
resource
win10ltsc2021-20250217-en
resource tags

arch:x64arch:x86image:win10ltsc2021-20250217-enlocale:en-usos:windows10-ltsc 2021-x64system
submitted
11/03/2025, 01:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

source_prepared.pyc
Size

171KB
MD5

7e1927afc400d2d7290c5f3450f8ad90
SHA1

fe682567a4419614d3daeb7fea3c4ba362ec853a
SHA256

a4b1cc04e4e4e7189d3ae3854ea5e659c1d231f364bc03ad0648c1195e6e40b0
SHA512

ffda2edd88998c601218e310d63494a8f4d869e23af29fb4b6d505c7bafdd8130152120ccff4059dc1bfff5b656d7ab17a256303d3db581684941f66f76c21d2
SSDEEP

3072:N5UawF05YGl3S2SVfUFoGoD7iD6GxrhQpvqda+oqXsilDY:NE65hlrSNGo6r6Jqda+1sKY

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3996797005-1442104920-3698332314-1000_Classes\Local Settings	cmd.exe
Key created	\REGISTRY\USER\S-1-5-21-3996797005-1442104920-3698332314-1000_Classes\Local Settings	OpenWith.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
432	OpenWith.exe

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\source_prepared.pyc
1⤵
- Modifies registry class
PID:3288

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:432

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads