fbcfbc9ed5c1777946b0dad7a5813377960a134e9907d3e0669804d273defe90 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

Microsoft....we.zip

windows7-x64

1

Microsoft....we.zip

windows10-2004-x64

1

AppxBlockMap.xml

windows7-x64

1

AppxBlockMap.xml

windows10-2004-x64

1

AppxMetada...st.xml

windows7-x64

1

AppxMetada...st.xml

windows10-2004-x64

1

AppxSignature.p7x

windows7-x64

3

AppxSignature.p7x

windows10-2004-x64

3

Microsoft....4.appx

windows7-x64

Microsoft....4.appx

windows10-2004-x64

Microsoft....4.appx

windows7-x64

Microsoft....4.appx

windows10-2004-x64

1

Microsoft....6.appx

windows7-x64

Microsoft....6.appx

windows10-2004-x64

1

[Content_Types].xml

windows7-x64

1

[Content_Types].xml

windows10-2004-x64

1

Resubmissions

25-10-2023 13:58

231025-q979cshd42 1

25-10-2023 13:54

231025-q72c2ahc87 3

25-10-2023 13:53

231025-q6ywhshc46 1

Analysis

max time kernel
138s
max time network
165s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
25-10-2023 13:54

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Microsoft.HEVCVideoExtension_2.0.61931.0_neutral_~_8wekyb3d8bbwe.zip

Resource

win7-20231020-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Microsoft.HEVCVideoExtension_2.0.61931.0_neutral_~_8wekyb3d8bbwe.zip

Resource

win10v2004-20231023-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

AppxBlockMap.xml

Resource

win7-20231023-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral4

Sample

AppxBlockMap.xml

Resource

win10v2004-20231023-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

AppxMetadata/AppxBundleManifest.xml

Resource

win7-20231020-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

AppxMetadata/AppxBundleManifest.xml

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

AppxSignature.p7x

Resource

win7-20231020-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral8

Sample

AppxSignature.p7x

Resource

win10v2004-20231020-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral9

Sample

Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.arm64.appx

Resource

win7-20231020-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.arm64.appx

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.x64.appx

Resource

win7-20231023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.x64.appx

Resource

win10v2004-20231020-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral13

Sample

Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.x86.appx

Resource

win7-20231023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Microsoft.HEVCVideoExtension_8wekyb3d8bbwe.x86.appx

Resource

win10v2004-20231023-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral15

Sample

[Content_Types].xml

Resource

win7-20231020-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral16

Sample

[Content_Types].xml

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

AppxMetadata/AppxBundleManifest.xml
Size

7KB
MD5

7a206184dde4e1c26f85397605d77d51
SHA1

69ba4cccdf2fcda97e44ea05a51c945249fec7ab
SHA256

3bea2195b3e46e859288426fb84a7a0d3a00a15b53b38728b4eca3b51dda0429
SHA512

be4c84f24e8fbac2d4d7a6fd1fb1f0b2c1d5671d24035b70c3ce06e1a63c860d0d0a8ee52ad43b33ea2697488ac7cb67c72211fa8c30b99b8bb3a69e96c17b96
SSDEEP

192:WwF7yLvg21SeJR/ADx9bqxH8FHZeTb6b9rxZb5K4ETQVPvT7nRwfX7XZZ/CuD0dz:hF7yLvg21SeJR/ADx9bqxH8FHZeTb6bD

Score

1^/10

Malware Config

Signatures

Processes

C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
"C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\AppxMetadata\AppxBundleManifest.xml"
1⤵
PID:3900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3900-0-0x00007FFCE17F0000-0x00007FFCE1800000-memory.dmp

Filesize
64KB

Download
memory/3900-1-0x00007FFD21770000-0x00007FFD21965000-memory.dmp

Filesize
2.0MB

Download
memory/3900-2-0x00007FFD21770000-0x00007FFD21965000-memory.dmp

Filesize
2.0MB

Download
memory/3900-3-0x00007FFD21770000-0x00007FFD21965000-memory.dmp

Filesize
2.0MB

Download
memory/3900-4-0x00007FFD1F4F0000-0x00007FFD1F7B9000-memory.dmp

Filesize
2.8MB

Download
memory/3900-5-0x00007FFCE17F0000-0x00007FFCE1800000-memory.dmp

Filesize
64KB

Download
memory/3900-6-0x00007FFD21770000-0x00007FFD21965000-memory.dmp

Filesize
2.0MB

Download

© 2018-2024

Terms | Privacy