Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    09-03-2024 12:59

General

  • Target

    bbddca22a82f2805aadd6d1afa7600c3.exe

  • Size

    640KB

  • MD5

    bbddca22a82f2805aadd6d1afa7600c3

  • SHA1

    a3ec9271a035b1f24b20fef21f3f4ac6cb127352

  • SHA256

    202e925e39743c6c28f3588e4c152d3fe82f3e70782dda8545586971f3cd891f

  • SHA512

    f7e5a9c5f6e886fced01775f1f5dc78e23412e6567f1fc5c49a545a078ff0a3ceda1585948d6df67eae6fcf17e54ecc95fb6073dca77dbb6daec529da2c62100

  • SSDEEP

    12288:K8kR/g0bRZbMG1yD7jZzGAof4uHtSldwUSeIfn2IemgJ:K1SSRZgWtf4uNSldwUuk

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bbddca22a82f2805aadd6d1afa7600c3.exe
    "C:\Users\Admin\AppData\Local\Temp\bbddca22a82f2805aadd6d1afa7600c3.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    PID:1640

Network

MITRE ATT&CK Matrix ATT&CK v13
