Overview

overview

10

Static

static

7

1c310cd242...5d.apk

android-9-x86

10

1c310cd242...5d.apk

android-10-x64

10

1c310cd242...5d.apk

android-11-x64

10

RobotoMono-Medium.ps1

windows7-x64

1

RobotoMono-Medium.ps1

windows10-2004-x64

1

boost_01_effect.xml

windows7-x64

1

boost_01_effect.xml

windows10-2004-x64

3

boost_02_effect.xml

windows7-x64

1

boost_02_effect.xml

windows10-2004-x64

3

boost_03_effect.xml

windows7-x64

1

boost_03_effect.xml

windows10-2004-x64

3

boost_04_effect.xml

windows7-x64

1

boost_04_effect.xml

windows10-2004-x64

3

dragEffect.xml

windows7-x64

1

dragEffect.xml

windows10-2004-x64

3

fyb_iframe...l.html

windows7-x64

1

fyb_iframe...l.html

windows10-2004-x64

1

fyb_static...l.html

windows7-x64

1

fyb_static...l.html

windows10-2004-x64

1

Analysis

  • max time kernel
    127s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-08-2023 22:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    boost_04_effect.xml

  • Size

    2KB

  • MD5

    80168c7967ce56123eaae7c1c3ec71ea

  • SHA1

    73994ab3c4a3da5b55460ee25dcfc2f45f5f7a5a

  • SHA256

    e1a98040443675a42fb01354aa39f74a2256b1445e0249268677f6b01bcb1639

  • SHA512

    f32153e91355d0848bdca3082d28e6d198b8887bd5d1ccd2f3afedf9c2a2b0054fb8eaba02c01df450f4652f1d729fc9fa30150aefd74d08c036dece549511a1

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\boost_04_effect.xml"
    1⤵
      PID:3900
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 3900 -s 448
        2⤵
        • Program crash
        PID:2560
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 428 -p 3900 -ip 3900
      1⤵
        PID:1568

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3900-133-0x00007FFDBDED0000-0x00007FFDBDEE0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3900-134-0x00007FFDFDE50000-0x00007FFDFE045000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3900-135-0x00007FFDFDE50000-0x00007FFDFE045000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/3900-136-0x00007FFDFB970000-0x00007FFDFBC39000-memory.dmp

        Filesize

        2.8MB

        Download

      • memory/3900-137-0x00007FFDBDED0000-0x00007FFDBDEE0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3900-138-0x00007FFDFDE50000-0x00007FFDFE045000-memory.dmp

        Filesize

        2.0MB

        Download