Overview

overview

10

Static

static

10

83bf54974e...33.exe

windows7-x64

9

83bf54974e...33.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    142s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/04/2024, 23:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    83bf54974e67a8a96e6360cfd0a6a22900fa4fb81da37dc3fb10cc976a6e0733.exe

  • Size

    150KB

  • MD5

    5897437892e0eaf2269f552bfbaf58bf

  • SHA1

    f8d850dec72bef120a38831308c2b46b4107e8f1

  • SHA256

    83bf54974e67a8a96e6360cfd0a6a22900fa4fb81da37dc3fb10cc976a6e0733

  • SHA512

    7862d38977ed61ee9575c4f0ff7025754a4074b799c540f6a3d07de986ac0f2d4c40662bb4ae0c227eb72b9502482e5704a86a747dcf22d991b2a31f58aa4d33

  • SSDEEP

    3072:ge6FFhMinon+m7Of18tZ9PHnF+orVd/WDbf2k+nOkxCu6f:lWpcrPHnf0+vxCbf

Score
9/10
persistence

Malware Config

Signatures

  • Detects executables built or packed with MPress PE compressor 2 IoCs
  • Modifies AppInit DLL entries 2 TTPs
    persistence
  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\83bf54974e67a8a96e6360cfd0a6a22900fa4fb81da37dc3fb10cc976a6e0733.exe
    "C:\Users\Admin\AppData\Local\Temp\83bf54974e67a8a96e6360cfd0a6a22900fa4fb81da37dc3fb10cc976a6e0733.exe"
    1⤵
    • Drops file in Program Files directory
    PID:2240
  • C:\PROGRA~3\Mozilla\crdkdxb.exe
    C:\PROGRA~3\Mozilla\crdkdxb.exe -ofessij
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    PID:1192
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4104 --field-trial-handle=2280,i,11703952675008463361,17436195144517971517,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4684

    Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\ProgramData\Mozilla\crdkdxb.exe
            Filesize

            150KB

            MD5

            efd837c713d07fdc7d74468edfdcf3ce

            SHA1

            0b3b2736c3dfc69d4608ee0ad6c75ec98c0f7273

            SHA256

            7f4f464d7fd96c8b191bcc9c783618fd2aa229aa367b84e75b134228deac8ee7

            SHA512

            7577c31796864712387d1910a2deaf783df9031ecf7819484dd3c6b81b8c874cd346669a87f3453db54330cefb3a806cb23c78f7d3ffabbdd6117b72ddbd008a

            Download Submit

          • memory/1192-9-0x00000000004F0000-0x000000000054B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/1192-10-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/1192-13-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/2240-0-0x0000000000400000-0x000000000045D000-memory.dmp

            Filesize

            372KB

            Download

          • memory/2240-1-0x00000000021E0000-0x000000000223B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/2240-2-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/2240-7-0x0000000000400000-0x000000000045B000-memory.dmp

            Filesize

            364KB

            Download

          • memory/2240-8-0x00000000021E0000-0x000000000223B000-memory.dmp

            Filesize

            364KB

            Download