Analysis

  • max time kernel
    101s
  • max time network
    106s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250314-en
  • resource tags
    arch:x64, arch:x86, image:win11-20250314-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    16/03/2025, 10:26

General

  • Target

    c11eb6b9290acb12dc21c3e0b9549701.log

  • Size

    6.9MB

  • MD5

    d6e8748b12834d76f388b96a2ba1557f

  • SHA1

    abdc873979bf2a345ee9dc08a65e32b76b588ae1

  • SHA256

    faff1a1bf3e245b215e54111291c2eb2e521937644050ba7dfdb41622f8bf22c

  • SHA512

    0bca9e2e0e4216b96e86d6988a945fd9e7ba567a2fe59ccb1e79c7dbe5343352e4abaf87dc952f8caaf1dd51ab3052b9180c484254d81955e7a1b5e19d40a0cf

  • SSDEEP

    196608:DWybSLP2+04wAZfix/mQBONjFHntIPvEg76Q4b0q7:ToP25pAZaxQHHntInlrfq7

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\c11eb6b9290acb12dc21c3e0b9549701.log
    • Modifies registry class
    PID:4200
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:6056

Network

MITRE ATT&CK Enterprise v15
