Overview

overview

10

Static

static

4

TeraBox_sl....2.exe

windows7-x64

10

TeraBox_sl....2.exe

windows10-2004-x64

4

$PLUGINSDI...UI.dll

windows7-x64

3

$PLUGINSDI...UI.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...sW.dll

windows7-x64

3

$PLUGINSDI...sW.dll

windows10-2004-x64

3

$TEMP/kernel.dll

windows7-x64

1

$TEMP/kernel.dll

windows10-2004-x64

1

AppUtil.dll

windows7-x64

1

AppUtil.dll

windows10-2004-x64

1

AutoUpdate...il.dll

windows7-x64

1

AutoUpdate...il.dll

windows10-2004-x64

3

AutoUpdate...te.exe

windows7-x64

1

AutoUpdate...te.exe

windows10-2004-x64

1

BugReport.exe

windows7-x64

3

BugReport.exe

windows10-2004-x64

5

Bull140U.dll

windows7-x64

1

Bull140U.dll

windows10-2004-x64

1

ChromeNati...st.exe

windows7-x64

1

ChromeNati...st.exe

windows10-2004-x64

1

HelpUtility.exe

windows7-x64

1

HelpUtility.exe

windows10-2004-x64

1

TeraBox.exe

windows7-x64

5

TeraBox.exe

windows10-2004-x64

5

TeraBoxHost.exe

windows7-x64

1

TeraBoxHost.exe

windows10-2004-x64

1

TeraBoxRender.exe

windows7-x64

1

TeraBoxRender.exe

windows10-2004-x64

1

TeraBoxWebService.exe

windows7-x64

1

TeraBoxWebService.exe

windows10-2004-x64

1

Resubmissions

28-03-2024 13:35

240328-qvvdysfd4s 4

21-03-2024 15:21

240321-srcqvaed68 10

Analysis

  • max time kernel
    91s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-03-2024 15:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BugReport.exe

  • Size

    1.4MB

  • MD5

    8f652f739e7a588ccca067b79769e8eb

  • SHA1

    33e3ef85ae22b9e67fba89e7f275bbc1ab02c885

  • SHA256

    3f260b1eac4c6b2ca4e5e8da257954b240d878a22f92b7fb88cea5dd91f6f332

  • SHA512

    c6322ca2dde2488e5ee693d73107acebccf48a7a8d444cb0ba58fe44c2911a2ccd14c0098a2df1d4fc2844b1b0d331e5770eb1d716edbfc3b61f4f22e305a8eb

  • SSDEEP

    24576:vvlG+2O6nLOdc1G0BNmo5Suno0i1eBU2Jqh5Xok4NJFXunrAHPr8qFTtfkx5ApvF:vvlzEy0BNmoYuLqHMunsHPr8qFTKMpvF

Score
5/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BugReport.exe
    "C:\Users\Admin\AppData\Local\Temp\BugReport.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of WriteProcessMemory
    PID:4676
    • C:\Users\Admin\AppData\Local\Temp\BugReport.exe
      "C:\Users\Admin\AppData\Local\Temp\BugReport.exe" /repair "rp:" ""
      2⤵
        PID:5048

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads