Overview
overview
7Static
static
7bbddca22a8...c3.exe
windows7-x64
3bbddca22a8...c3.exe
windows10-2004-x64
3$EXEFILE.exe
windows7-x64
4$EXEFILE.exe
windows10-2004-x64
1$PLUGINSDI...er.dll
windows7-x64
1$PLUGINSDI...er.dll
windows10-2004-x64
1$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...ec.dll
windows7-x64
3$PLUGINSDI...ec.dll
windows10-2004-x64
3wget.exe
windows7-x64
7wget.exe
windows10-2004-x64
7Analysis
-
max time kernel
149s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system -
submitted
09-03-2024 12:59
Behavioral task
behavioral1
Sample
bbddca22a82f2805aadd6d1afa7600c3.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
bbddca22a82f2805aadd6d1afa7600c3.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
$EXEFILE.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$EXEFILE.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/Banner.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/Banner.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240220-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsExec.dll
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsExec.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
wget.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
wget.exe
Resource
win10v2004-20240226-en
General
-
Target
bbddca22a82f2805aadd6d1afa7600c3.exe
-
Size
640KB
-
MD5
bbddca22a82f2805aadd6d1afa7600c3
-
SHA1
a3ec9271a035b1f24b20fef21f3f4ac6cb127352
-
SHA256
202e925e39743c6c28f3588e4c152d3fe82f3e70782dda8545586971f3cd891f
-
SHA512
f7e5a9c5f6e886fced01775f1f5dc78e23412e6567f1fc5c49a545a078ff0a3ceda1585948d6df67eae6fcf17e54ecc95fb6073dca77dbb6daec529da2c62100
-
SSDEEP
12288:K8kR/g0bRZbMG1yD7jZzGAof4uHtSldwUSeIfn2IemgJ:K1SSRZgWtf4uNSldwUuk
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes:
bbddca22a82f2805aadd6d1afa7600c3.exepid process 1640 bbddca22a82f2805aadd6d1afa7600c3.exe