Overview

overview

6

Static

static

3

9bb03be6c7...6b.exe

windows7-x64

6

9bb03be6c7...6b.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    167s
  • max time network
    176s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-03-2024 23:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9bb03be6c7d66151e4d54b7ab9e4bb06a558560a224ac14fb37d7884bcb74c6b.exe

  • Size

    965KB

  • MD5

    04a1c8e7530da93a0300835001505267

  • SHA1

    5f18f31ab71ee211a73c3cec8e1fbfca3301b863

  • SHA256

    9bb03be6c7d66151e4d54b7ab9e4bb06a558560a224ac14fb37d7884bcb74c6b

  • SHA512

    0700c88152c1bc8e0eb7b491c7d6c7dfef78122c1243094b1791c87e2f406e8bad5bc976b9fd12238e596c4f0f8fb210bcc4cca9965027b12dcfa1451a0ad918

  • SSDEEP

    12288:i2ToLD2QfWUEknSsmjj/UVF4THS2tKuXCFCTjMVJK1P5aEL3E3yhxoeVsc:ikuPfWsnnw/UV+HS2tjMVcRaT2v1

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9bb03be6c7d66151e4d54b7ab9e4bb06a558560a224ac14fb37d7884bcb74c6b.exe
    "C:\Users\Admin\AppData\Local\Temp\9bb03be6c7d66151e4d54b7ab9e4bb06a558560a224ac14fb37d7884bcb74c6b.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:1104
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4080 --field-trial-handle=2432,i,12161922670941700748,3348345705955601576,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:1108

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\9bb03be6c7d66151e4d54b7ab9e4bb06a558560a224ac14fb37d7884bcb74c6b.exe
      Filesize

      965KB

      MD5

      50c8f1dee1378d2b2dd2bb1ff87bf90b

      SHA1

      9dd525b0b34f3364a0d205a18f7b319cd6646fe3

      SHA256

      9f0f78b80e03a5ceb9e2c73d734498501a1e25a744a2116bbc6bbe7e11a83ba5

      SHA512

      85bf7bf186b19cc07644259ecc2bb376a1ee0d902fece73122fe6530344ef55c8511c4de134dfd5c16edd60cc87981f210c345199535d49de2142d41fa1adc82

      Download Submit

    • memory/1104-13-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-12-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-3-0x00000000024F0000-0x00000000024F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1104-9-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-14-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-11-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-4-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-2-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-10-0x00000000024F0000-0x00000000024F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1104-15-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-16-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-17-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-18-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-19-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-20-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download

    • memory/1104-21-0x0000000000040000-0x0000000000139000-memory.dmp

      Filesize

      996KB

      Download