Analysis
max time kernel
146s
max time network
150s
platform
windows11-21h2_x64
resource
win11-20240611-en
resource tags
arch:x64 arch:x86 image:win11-20240611-en locale:en-us os:windows11-21h2-x64 system
submitted
27-06-2024 20:20
Static task
static1
Behavioral task
behavioral1
Sample
TTYD_EU_REL_Loader_v1.gci
Resource
win10v2004-20240611-en
17 signatures
150 seconds
Behavioral task
behavioral2
Sample
TTYD_EU_REL_Loader_v1.gci
Resource
win11-20240611-en
3 signatures
150 seconds
General
Target
TTYD_EU_REL_Loader_v1.gci
Size
136KB
MD5
de2dec61ab3c2f8d3ba35ed96a60897f
SHA1
cc708aae99ec8c83b897161af36bd5a299abfd32
SHA256
1c34cd45dd2bb8c44a48d60aea5e0ce811ae416b220361c8e35e7411e8801379
SHA512
010d0343c84f149358d1122b77b8eab372a4434f4277ed08ba6029cdb2bacc882df60c1a5df594037b760b87b114f6b36e2ccd21201de08f731aa9eb74a8ef3b
SSDEEP
192:xFYFXLa0InoIhfsvx0hkaokwdHUCJ02+3T9kH1Avh1Avg:xaX20IZo6hkVHUlvG1Avh1Avg
Score
3/10
Malware Config
Signatures
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
Modifies registry class 2 IoCs
Processes:
cmd.exe
OpenWith.exe
description  ioc  process
Key created  \REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000_Classes\Local Settings  cmd.exe
Key created  \REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000_Classes\Local Settings  OpenWith.exe
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
OpenWith.exe
pid  process
3412  OpenWith.exe