Overview

overview

8

Static

static

3

Asteroid +....2.zip

windows10-2004-x64

1

AsteroidPC.dll

windows10-2004-x64

8

Sources/injector.py

windows10-2004-x64

3

Sources/read me.txt

windows10-2004-x64

1

injector.exe

windows10-2004-x64

7

injector.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    481s
  • max time network
    491s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-07-2024 17:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Sources/injector.py

  • Size

    2KB

  • MD5

    227b4fc4e67f796b76d444142a14686a

  • SHA1

    7406c13fea21f5bc69d337fa4f470ab6f9a5ac9e

  • SHA256

    d7f344bd8c28b2bf8dce2c757d0f5a2d6e611fd0bb0f44afa85eea4cba53bfe1

  • SHA512

    49be54af12c4ce6192f3cbf0c9a0c21725bd9e2ff5c515f64ad6fc604e94c3939f401e8867a5de122482b32e42542f7f57652a173dfa44a843b45c29f66d6314

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\Sources\injector.py
    1⤵
    • Modifies registry class
    PID:744
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:208

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads