fe92a0c3ac848d23c2dc607b571e1ea804ef9e5a4fbd81412509929afe94e59c | Triage

Submit
Reports

Overview

overview

Static

static

3

372d4853ed...27.exe

windows7-x64

1

372d4853ed...27.exe

windows10-2004-x64

1

89a7d75e00...67.exe

windows7-x64

1

89a7d75e00...67.exe

windows10-2004-x64

1

da5226b7d4...ef.exe

windows7-x64

8

da5226b7d4...ef.exe

windows10-2004-x64

8

fdb5b2a004...e9.exe

windows7-x64

fdb5b2a004...e9.exe

windows10-2004-x64

Analysis

max time kernel
138s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
28-05-2024 01:51

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

372d4853eda962e2d8f6ab3f7c444f7d6c9c1f0285d60fc55a9204ae3c2a1227.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

372d4853eda962e2d8f6ab3f7c444f7d6c9c1f0285d60fc55a9204ae3c2a1227.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

89a7d75e00d0ad1cc305d8e91214d8a44374bec4b99f7f19042703fa4ca74867.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

89a7d75e00d0ad1cc305d8e91214d8a44374bec4b99f7f19042703fa4ca74867.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

da5226b7d4fb1a02e9f30a6b226fb8b0d5a08b28f8d1a95bb029d42bd093fbef.exe

Resource

win7-20240221-en

bootkit evasion persistence spyware stealer trojan

windows7-x64

24 signatures

150 seconds

Behavioral task

behavioral6

Sample

da5226b7d4fb1a02e9f30a6b226fb8b0d5a08b28f8d1a95bb029d42bd093fbef.exe

Resource

win10v2004-20240226-en

bootkit discovery evasion persistence spyware stealer trojan

windows10-2004-x64

26 signatures

150 seconds

Behavioral task

behavioral7

Sample

fdb5b2a0041b0939552ecd31e382e28529313c8bc8a656eb7de1cef9fbd6eee9.exe

Resource

win7-20240221-en

sectoprat evasion rat themida trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral8

Sample

fdb5b2a0041b0939552ecd31e382e28529313c8bc8a656eb7de1cef9fbd6eee9.exe

Resource

win10v2004-20240508-en

sectoprat evasion rat themida trojan

windows10-2004-x64

12 signatures

150 seconds

Report Analysis Logs

General

Target

89a7d75e00d0ad1cc305d8e91214d8a44374bec4b99f7f19042703fa4ca74867.exe
Size

3.0MB
MD5

a50b48c85f4d26cf6324834a0f606fa2
SHA1

c2e0b57fc1e6477fa8312ebeed4855239ac04ef2
SHA256

89a7d75e00d0ad1cc305d8e91214d8a44374bec4b99f7f19042703fa4ca74867
SHA512

1f3c45e2628040f9d528cac32b7e8dd3eb8c8f0003a9f283d2e4df1c97979d6d6a9f6906f3ff871f03e68236c4d210d95f4cedaa8a826d9ab98d65a916bad8b1
SSDEEP

49152:0uW6krivgOWOLKeGoeJ1RMrntlcpr7S0t5xNe1YI5ZnKWPPhc+yAjwfOsQqShibT:0uWRHOW+ym4pr7S0XC1YOPPhcEsfOsQU

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\89a7d75e00d0ad1cc305d8e91214d8a44374bec4b99f7f19042703fa4ca74867.exe
"C:\Users\Admin\AppData\Local\Temp\89a7d75e00d0ad1cc305d8e91214d8a44374bec4b99f7f19042703fa4ca74867.exe"
1⤵
PID:2024

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3096 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
1⤵
PID:1264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy