Resubmissions
17-04-2024 12:21
240417-pjjbwaga8s 319-03-2024 10:24
240319-mfpy5sad21 319-03-2024 10:24
240319-mfb3aahe54 119-03-2024 10:21
240319-mdp65ahd96 419-03-2024 10:18
240319-mcen1ahd67 819-03-2024 10:07
240319-l5x6dahb83 319-03-2024 10:03
240319-l3vbpshh6z 8Analysis
-
max time kernel
1795s -
max time network
1803s -
platform
windows10-2004_x64 -
resource
win10v2004-20240319-en -
resource tags
-
submitted
19-03-2024 10:24
General
-
Target
EEEE.webp
-
Size
29KB
-
MD5
9485ce793d80b28b1f1a5041df199f36
-
SHA1
cc6ef9708c3d31f6285e6172745f3af032d8342c
-
SHA256
0a411e6a7f0499422b355db020dbc65be2cd2ef1fa297b752587080e66cac8d5
-
SHA512
e547b8ff6d1b5c54740426ad387530acedb1778b2d79f10ce793eb4adc8b85b02078622a188dfa0428e500918773095a60faef4285059ed43418872e555c478e
-
SSDEEP
768:iHv2vZr2itn04pqNFiFe3QCtVJ1b/7z8Vi7lo:F2Kek4QC7J1b/H8Co
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 2 IoCs
Processes
-
C:\Windows\system32\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\EEEE.webp1⤵
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\EEEE.webp2⤵
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --mojo-platform-channel-handle=5924 --field-trial-handle=2264,i,1475924722205134884,16549311107360026087,262144 --variations-seed-version /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --no-appcompat-clear --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --mojo-platform-channel-handle=5784 --field-trial-handle=2264,i,1475924722205134884,16549311107360026087,262144 --variations-seed-version /prefetch:11⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5808 --field-trial-handle=2264,i,1475924722205134884,16549311107360026087,262144 --variations-seed-version /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --no-appcompat-clear --mojo-platform-channel-handle=4056 --field-trial-handle=2264,i,1475924722205134884,16549311107360026087,262144 --variations-seed-version /prefetch:81⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5736 --field-trial-handle=2264,i,1475924722205134884,16549311107360026087,262144 --variations-seed-version /prefetch:81⤵