Overview

overview

3

Static

static

3

Conference...ed.png

windows7-x64

1

Conference...ed.png

windows10-2004-x64

1

Analysis

  • max time kernel
    104s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20250314-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/03/2025, 16:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Conference Registration Flyer.png updated.png

  • Size

    2.1MB

  • MD5

    6d2914e9bb65d758e8f6673bafffa30a

  • SHA1

    8ee6c0e04c5346efc6799ce027dc2135c6fbff4e

  • SHA256

    9a956372f839238e357f242894f9bcb2316dc16abf633e3db088cd8ce5254cbf

  • SHA512

    42e8282cc392a4d0111e06cf6f16c75b3dd31f2b459874b4d36b541e65056e2b87a0b4d48b4fb9417c03d26753f0f0072e9a7f60415fe9c6d695751df8f0c0b8

  • SSDEEP

    49152:27hZMiZ1CrEMWOUoDHhnixd92KWLcLbIaOfQdwkWDVbDLxIZ8IesYNn8I:27AiXSWONDIdkKWLcQaEkYxI+I6NB

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Windows\system32\mspaint.exe
    "C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\Conference Registration Flyer.png updated.png"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:868
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
    1⤵
      PID:3340

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads