Overview

overview

6

Static

static

1

TMmap_1.0....48.zip

windows11-21h2-x64

1

TMmap_1.0....me.txt

windows11-21h2-x64

3

TMmap_1.0....MI.key

windows11-21h2-x64

3

TMmap_1.0....48.msi

windows11-21h2-x64

6

Analysis

  • max time kernel
    453s
  • max time network
    456s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250313-en
  • resource tags

    arch:x64arch:x86image:win11-20250313-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    28/03/2025, 09:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TMmap_1.0.4.4_D24.48/TMSoft.TMMAP-DEMO_AjrQSf7iMI.key

  • Size

    112B

  • MD5

    64f1db85fb5fc7d4bca84553f0db07fc

  • SHA1

    7d007d6e797ac4ada6c8a581b18961cf1ccbbffd

  • SHA256

    ea9c7be2c21b6fc5d3fb5f0fc8f4e965c42352d94fa2248785ccb5ee857ac423

  • SHA512

    f5cacbfd91b783dc486e645cfa15030df589bdcfad214e5665402169181dec617ca02499d9dfd7b97db50399fc76fc06d206421a4ec261a8b6eb6ac68d570f39

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\TMmap_1.0.4.4_D24.48\TMSoft.TMMAP-DEMO_AjrQSf7iMI.key
    1⤵
    • Modifies registry class
    PID:2872
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:3156

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads