Overview

overview

8

Static

static

3

9f52f838a0...b0.exe

windows7-x64

8

9f52f838a0...b0.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    142s
  • max time network
    161s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240319-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240319-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-04-2024 20:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9f52f838a09dab0f2d42646a94141cb0.exe

  • Size

    148KB

  • MD5

    9f52f838a09dab0f2d42646a94141cb0

  • SHA1

    20a614ca79f6a034ff2e8e743bda019ff1cd62d7

  • SHA256

    6b6e52effc87b4408658ac9a6170899e257b0bd90e814901384fec8da0d5d1f5

  • SHA512

    d88ab8fcf3992eacecd34908fe3e64117ef9687263d7841f691d11d833e7758aebdb11c034f31136043fae2f4763c4b2d8261c4acb16b1faf7fc6471c7463719

  • SSDEEP

    3072:dFugOVIc1+I8X9ySrCunXB/52jQgSJpJePVSnR7z:dFZOngIedrNnXBQERJpJBJz

Score
8/10
persistence

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\9f52f838a09dab0f2d42646a94141cb0.exe
    "C:\Users\Admin\AppData\Local\Temp\9f52f838a09dab0f2d42646a94141cb0.exe"
    1⤵
    • Drops file in Program Files directory
    PID:1528
  • C:\PROGRA~3\Mozilla\jhifwqk.exe
    C:\PROGRA~3\Mozilla\jhifwqk.exe -zmqutfb
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:1812
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4080 --field-trial-handle=2244,i,11986678581565715302,451159359636456336,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:3944

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\ProgramData\Mozilla\jhifwqk.exe
      Filesize

      148KB

      MD5

      393e71ae108f8a5341546f8ef9b1df30

      SHA1

      322ba994a6e2715aa2ca0dd7bbf25b8035e028d6

      SHA256

      040cb0605742f5fc95a324045382ac1a2d9d821f0ebf78855c3bcef2d405386d

      SHA512

      c95dc5592b8529888f575ac722117e4a0363d807311a8e7789c67f4a47c34ebd6ed2d82920b753b6aae1e6683950e952e0675e5dc34e08b28533cf7c0baadaf2

      Download Submit

    • memory/1528-0-0x0000000000400000-0x0000000000429000-memory.dmp

      Filesize

      164KB

      Download

    • memory/1528-1-0x00000000008A0000-0x00000000008FB000-memory.dmp

      Filesize

      364KB

      Download

    • memory/1528-7-0x0000000000400000-0x0000000000429000-memory.dmp

      Filesize

      164KB

      Download

    • memory/1812-10-0x0000000000400000-0x0000000000429000-memory.dmp

      Filesize

      164KB

      Download

    • memory/1812-11-0x00000000008C0000-0x000000000091B000-memory.dmp

      Filesize

      364KB

      Download

    • memory/1812-17-0x0000000000400000-0x0000000000429000-memory.dmp

      Filesize

      164KB

      Download