Analysis

  • max time kernel
    33s
  • max time network
    36s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231222-en locale:en-us os:windows10-2004-x64 system
  • submitted
    19/02/2024, 15:21

General

  • Target

    Bad Bird.exe

  • Size

    1.2MB

  • MD5

    093b26bc118aaa7baa13c3c6d35fa34b

  • SHA1

    db28d373513d24c63079b4e08c60d236deb1e687

  • SHA256

    b797a4992639da21081ac39edff5e8b1a3eeaef91fff5c6f95a98ab3fd67b92d

  • SHA512

    2fe428bd38aad774e9ab055a863911c448e62b4e534bb696d3141727c79acfb4e48105b8d9738a39369fff69e76b2c3a15786272fddc4d468f3c2974b6e2be2d

  • SSDEEP

    24576:Xy07u12dt5Cnx/3FCEKb+lINSO28Q3k+hlUj/geBw8yVyQtvi1UtNe9Mq/Y:Xy0MCt5Cnx/3FCEC+lIQO28Q3k+hEIeE

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Bad Bird.exe
    "C:\Users\Admin\AppData\Local\Temp\Bad Bird.exe"
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3576

Network

        MITRE ATT&CK Matrix
