Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    29/05/2024, 19:58

General

  • Target

    brusb-x64-setup.exe

  • Size

    532KB

  • MD5

    392d51b77fa85b120022238bf7fec6bc

  • SHA1

    ee7766ad5bd9fe3fa8bb69ec2d3340f0136d7015

  • SHA256

    cfc5c3662c08d7d09c7f6e47837cc2dad652d333137cc38e2f72cd4e431afd36

  • SHA512

    1ca3bf4c62b0f34bc6efdc45440c0d7e443944905f29954b25ae20c6c6355dd0dccd863c9acbfcbb6e5ade598157a04adfa4d957353e5bf34facf56b6b0644c6

  • SSDEEP

    12288:QVz7pPs0r0ru3i5fwi1tFuowM3dFAiJNE1349i+L9xniZZ:QVzu0rvy5fwiDFuoj3vAMk6r9Nij

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\brusb-x64-setup.exe
    "C:\Users\Admin\AppData\Local\Temp\brusb-x64-setup.exe"
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1804

Network

MITRE ATT&CK Enterprise v15

Downloads

  • \Users\Admin\AppData\Local\Temp\nsoADB.tmp\LangDLL.dll

    Filesize

    5KB

    MD5

    9384f4007c492d4fa040924f31c00166

    SHA1

    aba37faef30d7c445584c688a0b5638f5db31c7b

    SHA256

    60a964095af1be79f6a99b22212fefe2d16f5a0afd7e707d14394e4143e3f4f5

    SHA512

    68f158887e24302673227adffc688fd3edabf097d7f5410f983e06c6b9c7344ca1d8a45c7fa05553adcc5987993df3a298763477168d4842e554c4eb93b9aaaf