Resubmissions
08/05/2024, 23:10
240508-25zbfacf8v 408/05/2024, 21:14
240508-z3n2ksad32 108/05/2024, 21:13
240508-z2344sfh4s 107/05/2024, 20:34
240507-zcg6caee3t 105/05/2024, 21:55
240505-1sx26sfa3x 105/05/2024, 19:37
240505-ybztbsbf7s 103/05/2024, 01:17
240503-bnjxbadd97 102/05/2024, 23:32
240502-3h9pbshd61 1Analysis
-
max time kernel
1s -
platform
windows11-21h2_x64 -
resource
win11-20240221-en -
resource tags
-
submitted
14/03/2024, 13:29
General
-
Target
https://github.com/FailedShack/USBHelperInstaller/releases
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Suspicious use of WriteProcessMemory 11 IoCs
Processes
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "https://github.com/FailedShack/USBHelperInstaller/releases"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url https://github.com/FailedShack/USBHelperInstaller/releases2⤵
- Checks processor information in registry
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4816.0.1723665233\847323433" -parentBuildID 20221007134813 -prefsHandle 1792 -prefMapHandle 1784 -prefsLen 20747 -prefMapSize 233444 -appDir "C:\Program Files\Mozilla Firefox\browser" - {01e99aff-d642-43d0-a0af-786d5400839a} 4816 "\\.\pipe\gecko-crash-server-pipe.4816" 1872 29faddd7b58 gpu3⤵
-
-
C:\Program Files\Mozilla Firefox\firefox.exe"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4816.1.1728573053\2108864006" -parentBuildID 20221007134813 -prefsHandle 2240 -prefMapHandle 2236 -prefsLen 21563 -prefMapSize 233444 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {7bec6f5e-d4fc-460e-99df-13da4fe10519} 4816 "\\.\pipe\gecko-crash-server-pipe.4816" 2252 29f9aa71f58 socket3⤵
-
-