Overview
overview
8Static
static
AsusSetup.exe
windows7-x64
1AsusSetup.exe
windows10-2004-x64
5AsusSetup.ini
windows7-x64
1AsusSetup.ini
windows10-2004-x64
1English.ini
windows7-x64
1English.ini
windows10-2004-x64
1French.ini
windows7-x64
1French.ini
windows10-2004-x64
1German.ini
windows7-x64
1German.ini
windows10-2004-x64
1Install.bat
windows7-x64
1Install.bat
windows10-2004-x64
5Japanese.ini
windows7-x64
1Japanese.ini
windows10-2004-x64
1Korean.ini
windows7-x64
1Korean.ini
windows10-2004-x64
1Russian.ini
windows7-x64
1Russian.ini
windows10-2004-x64
1SChinese.ini
windows7-x64
1SChinese.ini
windows10-2004-x64
1Spanish.ini
windows7-x64
1Spanish.ini
windows10-2004-x64
1TChinese.ini
windows7-x64
1TChinese.ini
windows10-2004-x64
1Ukrainian.ini
windows7-x64
1Ukrainian.ini
windows10-2004-x64
1ibtusb.cat
windows7-x64
8ibtusb.cat
windows10-2004-x64
1ibtusb.inf
windows7-x64
1ibtusb.inf
windows10-2004-x64
1ibtusb.exe
windows7-x64
ibtusb.exe
windows10-2004-x64
Analysis
-
max time kernel
30s -
max time network
34s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system -
submitted
08-01-2023 05:11
Static task
static1
Behavioral task
behavioral1
Sample
AsusSetup.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral2
Sample
AsusSetup.exe
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
AsusSetup.ini
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral4
Sample
AsusSetup.ini
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
English.ini
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral6
Sample
English.ini
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
French.ini
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral8
Sample
French.ini
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
German.ini
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral10
Sample
German.ini
Resource
win10v2004-20220901-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
Install.bat
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral12
Sample
Install.bat
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
Japanese.ini
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral14
Sample
Japanese.ini
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Korean.ini
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral16
Sample
Korean.ini
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
Russian.ini
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral18
Sample
Russian.ini
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
SChinese.ini
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral20
Sample
SChinese.ini
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
Spanish.ini
Resource
win7-20221111-en
windows7-x64
Behavioral task
behavioral22
Sample
Spanish.ini
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
TChinese.ini
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral24
Sample
TChinese.ini
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
Ukrainian.ini
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral26
Sample
Ukrainian.ini
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
ibtusb.cat
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral28
Sample
ibtusb.cat
Resource
win10v2004-20221111-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
ibtusb.inf
Resource
win7-20220901-en
windows7-x64
Behavioral task
behavioral30
Sample
ibtusb.inf
Resource
win10v2004-20220812-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
ibtusb.exe
Resource
win7-20220812-en
windows7-x64
Behavioral task
behavioral32
Sample
ibtusb.exe
Resource
win10v2004-20221111-en
windows10-2004-x64
General
-
Target
Install.bat
-
Size
308B
-
MD5
05ea96804213722f35f7ca76e1e3e350
-
SHA1
a873c5dc79a671ea5c33bc1a21f853b60a794f3e
-
SHA256
fa439350a1259088825dd533111de0b43b8d851f68daa3eeb49b0d498834010e
-
SHA512
08ee3f84b198fe1fbccca17260d6185ba37e87ffc5acf8eda1ecf9e4b670900b51d9917a2ef8ddd30308ea603ddac35789abb4ded8e05ada6a996fb5c14bcec7
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 6 IoCs
description pid Process procid_target PID 1772 wrote to memory of 1792 1772 cmd.exe 29 PID 1772 wrote to memory of 1792 1772 cmd.exe 29 PID 1772 wrote to memory of 1792 1772 cmd.exe 29 PID 1772 wrote to memory of 936 1772 cmd.exe 30 PID 1772 wrote to memory of 936 1772 cmd.exe 30 PID 1772 wrote to memory of 936 1772 cmd.exe 30
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\Install.bat"1⤵
- Suspicious use of WriteProcessMemory
PID:1772 -
C:\Windows\System32\PnPutil.exe.\pnputil /add-driver "C:\Users\Admin\AppData\Local\Temp\ibtusb.inf" /install2⤵PID:1792
-
-
C:\Windows\system32\PnPutil.exeC:\Windows/system32/pnputil /add-driver ibtusb.inf /install2⤵PID:936
-