Overview

overview

7

Static

static

3

cbb9c58655...d2.exe

windows7-x64

7

cbb9c58655...d2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/03/2024, 15:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cbb9c586550fafb518ffd4567b873fd2.exe

  • Size

    82KB

  • MD5

    cbb9c586550fafb518ffd4567b873fd2

  • SHA1

    2f512c796eae45a183d2240f88b27be3dea426bb

  • SHA256

    fdcc7b126a464e016f8865dd149abf16a30065aaebb7770c428d7b48ad9aafbe

  • SHA512

    a92f2e203eca0f36271d89110929176fcb2404bacd311e149de1572312e2736c02a95080a16aef77e8b40e12161133fa75bd6fe7f0d7a540bd8cbbf694b61ff0

  • SSDEEP

    1536:evxz6PXH12ZT1cpBKArRZRcBHUSRAeHxzE5BIiXB42xf+x:+AV25u6ArRTcBHQbBIieHx

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cbb9c586550fafb518ffd4567b873fd2.exe
    "C:\Users\Admin\AppData\Local\Temp\cbb9c586550fafb518ffd4567b873fd2.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:2784
    • C:\Users\Admin\AppData\Local\Temp\cbb9c586550fafb518ffd4567b873fd2.exe
      C:\Users\Admin\AppData\Local\Temp\cbb9c586550fafb518ffd4567b873fd2.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2524
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1416 --field-trial-handle=2228,i,521073434451423547,2311651514500527526,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4924

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\cbb9c586550fafb518ffd4567b873fd2.exe
      Filesize

      82KB

      MD5

      9bb027fe72cb6437d4a0a53ba389244b

      SHA1

      a76175b2423aee76e2750db7414c7d4f27de806e

      SHA256

      2a03bffc58d4ac057500e65805f63b3c2a7352bbef46592529803f29e955570e

      SHA512

      145992053a0725953d3bc3da875dac5b59a44428122e2b9089fea90c5b6733a2dfb49837a10a98bf33f92b54b1755aef64c108103fc7cb86a8534de11012dcfb

      Download Submit

    • memory/2524-13-0x0000000000400000-0x000000000042F000-memory.dmp

      Filesize

      188KB

      Download

    • memory/2524-15-0x00000000001B0000-0x00000000001DF000-memory.dmp

      Filesize

      188KB

      Download

    • memory/2524-20-0x0000000000400000-0x000000000040E000-memory.dmp

      Filesize

      56KB

      Download

    • memory/2524-24-0x00000000014E0000-0x00000000014FB000-memory.dmp

      Filesize

      108KB

      Download

    • memory/2784-0-0x0000000000400000-0x000000000042F000-memory.dmp

      Filesize

      188KB

      Download

    • memory/2784-1-0x00000000001C0000-0x00000000001EF000-memory.dmp

      Filesize

      188KB

      Download

    • memory/2784-2-0x0000000000400000-0x000000000041B000-memory.dmp

      Filesize

      108KB

      Download

    • memory/2784-11-0x0000000000400000-0x000000000041B000-memory.dmp

      Filesize

      108KB

      Download