Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    24-05-2024 10:56

General

  • Target

    $_2_/SBIEBrowserHelperObject.dll

  • Size

    85KB

  • MD5

    52d293049d6a20efc18b9b8a069f165a

  • SHA1

    94fc38dda4c6571e34b76429627f8e038cd8a8b1

  • SHA256

    a61fb12c44f70e0afa16f545ccd780abdc53668bcbf2a5860a28d98b41a461f4

  • SHA512

    3dad6d3b609c4248212301d74fc63448380ef831fb3ce228a2ab9678a90b31d61301b484bd2cc26fcb2cd6c2167a304a4fbc01450fc9bcf286d2ef76988b3ccc

  • SSDEEP

    1536:x72vJ+JQ3jOP1uoq/nyCJd1eeYEcEltXsWjcdXC8loQYy:x72R+mOPwj6BgiS8lH

Score
6/10

Malware Config

Signatures

  • Installs/modifies Browser Helper Object (2 TTPs, 2 IoCs)

    BHOs are DLL modules which act as plugins for Internet Explorer.

  • Modifies registry class (5 IoCs)
  • Suspicious use of WriteProcessMemory (7 IoCs)

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\$_2_\SBIEBrowserHelperObject.dll
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Windows\SysWOW64\regsvr32.exe
      /s C:\Users\Admin\AppData\Local\Temp\$_2_\SBIEBrowserHelperObject.dll
      2⤵
      • Installs/modifies Browser Helper Object
      • Modifies registry class
      PID:1896

Network

MITRE ATT&CK Enterprise v15
