Overview
overview | score 7
Static
static | score 3
Sandboxie-....7.exe | windows7-x64 | score 7
Sandboxie-....7.exe | windows10-2004-x64 | score 7
$PLUGINSDI...ns.dll | windows7-x64 | score 3
$PLUGINSDI...ns.dll | windows10-2004-x64 | score 3
$PLUGINSDI...pe.ini | windows7-x64 | score 1
$PLUGINSDI...pe.ini | windows10-2004-x64 | score 1
$PLUGINSDI...il.exe | windows7-x64 | score 1
$PLUGINSDI...il.exe | windows10-2004-x64 | score 1
$PLUGINSDI...LL.dll | windows7-x64 | score 3
$PLUGINSDI...LL.dll | windows10-2004-x64 | score 3
$PLUGINSDI...ll.dll | windows7-x64 | score 1
$PLUGINSDI...ll.dll | windows10-2004-x64 | score 1
$PLUGINSDI...sg.dll | windows7-x64 | score 1
$PLUGINSDI...sg.dll | windows10-2004-x64 | score 1
$PLUGINSDI...em.dll | windows7-x64 | score 3
$PLUGINSDI...em.dll | windows10-2004-x64 | score 3
$PLUGINSDI...ng.ini | windows7-x64 | score 1
$PLUGINSDI...ng.ini | windows10-2004-x64 | score 1
$PLUGINSDI...al.ini | windows7-x64 | score 1
$PLUGINSDI...al.ini | windows10-2004-x64 | score 1
$PLUGINSDI...rd.bmp | windows7-x64 | score 3
$PLUGINSDI...rd.bmp | windows10-2004-x64 | score 7
32/SbieDll.dll | windows7-x64 | score 3
32/SbieDll.dll | windows10-2004-x64 | score 3
32/SbieSvc.exe | windows7-x64 | score 1
32/SbieSvc.exe | windows10-2004-x64 | score 1
KmdUtil.exe | windows7-x64 | score 1
KmdUtil.exe | windows10-2004-x64 | score 1
LICENSE.txt | windows7-x64 | score 1
LICENSE.txt | windows10-2004-x64 | score 1
Manifest0.txt | windows7-x64 | score 1
Manifest0.txt | windows10-2004-x64 | score 1
General
-
Target
Sandboxie-Classic-x64-v5.68.7.exe
-
Size
2.9MB
-
Sample
240602-beh9esdh93
-
MD5
d6d7d9a99e81f65d3a93af5c763f6bec
-
SHA1
ade28df205b3352d21b89bd506a33447e11fae26
-
SHA256
baa1b8c345096214d0301a82bb569b358895a7b80c380893a1d9f6cba5956a30
-
SHA512
92dbaa7e49790f25d290cb17715d8ca9d54945e485b8b5f852a40bf311fe67e394bb24d9195a4127480e73911beda0903fce29973235ae967fd01c1209105e18
-
SSDEEP
49152:zZOWtyXwGtGeoVo4fTbGx4GxU06AMzU0tMrIRdOZd3N6JzdrSFDqnXL40:zQTXwGtC24fWxVUPzGrEEb3S8FD8Xk0
Static task
static1
Behavioral task
behavioral1
Sample
Sandboxie-Classic-x64-v5.68.7.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
Sandboxie-Classic-x64-v5.68.7.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/InstallType.ini
Resource
win7-20240220-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/InstallType.ini
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/KmdUtil.exe
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/KmdUtil.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win7-20240508-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/LangDLL.dll
Resource
win10v2004-20240426-en
Behavioral task
behavioral11
Sample
$PLUGINSDIR/SbieDll.dll
Resource
win7-20231129-en
Behavioral task
behavioral12
Sample
$PLUGINSDIR/SbieDll.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
$PLUGINSDIR/SbieMsg.dll
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
$PLUGINSDIR/SbieMsg.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
$PLUGINSDIR/Warning.ini
Resource
win7-20240508-en
Behavioral task
behavioral18
Sample
$PLUGINSDIR/Warning.ini
Resource
win10v2004-20240508-en
Behavioral task
behavioral19
Sample
$PLUGINSDIR/ioSpecial.ini
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
$PLUGINSDIR/ioSpecial.ini
Resource
win10v2004-20240426-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/modern-wizard.bmp
Resource
win7-20240419-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/modern-wizard.bmp
Resource
win10v2004-20240426-en
Behavioral task
behavioral23
Sample
32/SbieDll.dll
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
32/SbieDll.dll
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
32/SbieSvc.exe
Resource
win7-20240220-en
Behavioral task
behavioral26
Sample
32/SbieSvc.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral27
Sample
KmdUtil.exe
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
KmdUtil.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
LICENSE.txt
Resource
win7-20231129-en
Behavioral task
behavioral30
Sample
LICENSE.txt
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
Manifest0.txt
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
Manifest0.txt
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
Sandboxie-Classic-x64-v5.68.7.exe
-
Size
2.9MB
-
MD5
d6d7d9a99e81f65d3a93af5c763f6bec
-
SHA1
ade28df205b3352d21b89bd506a33447e11fae26
-
SHA256
baa1b8c345096214d0301a82bb569b358895a7b80c380893a1d9f6cba5956a30
-
SHA512
92dbaa7e49790f25d290cb17715d8ca9d54945e485b8b5f852a40bf311fe67e394bb24d9195a4127480e73911beda0903fce29973235ae967fd01c1209105e18
-
SSDEEP
49152:zZOWtyXwGtGeoVo4fTbGx4GxU06AMzU0tMrIRdOZd3N6JzdrSFDqnXL40:zQTXwGtC24fWxVUPzGrEEb3S8FD8Xk0
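Score 7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Note: all three signatures describe generic installer behaviour. A setup program that unpacks its own components and runs them (the $PLUGINSDIR entries listed below look like such unpacked components) will trigger them, so the score reflects observed behaviour and is not by itself a malware verdict. The Malware Config section of this report is empty; to judge the sample, compare the SHA256 above with the hash published for this release.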
-
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
14KB
-
MD5
046074d285897c008499f7f3ad5be114
-
SHA1
159040d616a056ee3498ec86debab58ef5036a55
-
SHA256
254c5ccbce59ad882f7f51d0bf760cabde8c88c5af84e13cc8ad77ba0361055c
-
SHA512
ab7436fda44e340dd5909ddec809c6b569a90d888529ef9320375e1aae7af85afcab8c1c1618551d3fe8d6ae727f7dca97aa8781b5555da759d501d2ccd749e1
-
SSDEEP
192:+Gs+dH4+oQOTgDbzuNfrigyULWsXXZF/01JJijqK72dwF7dBEnbok:+GvdH4qMebzPY2Vijq+BEnbo
Score 3/10
-
-
Target
$PLUGINSDIR/InstallType.ini
-
Size
640B
-
MD5
46d2e7e6d3d5ee061b5646df6834af33
-
SHA1
0a18c3a1ddb2cb56abac24c4bd378d3767065290
-
SHA256
a9a81ca9a2ebec41663e1da4e5d480e6eaf9bcbde266abb9a0770dc9118186b9
-
SHA512
e344d14d0cc9ef0bb893a821fbaa9ddfcb3d1987c32228ebdae0418b3f1bf7f83435e38f87593db4de0157d45345a9f72e6c1e7ca36a46d13b7e35577292237a
Score 1/10
-
-
Target
$PLUGINSDIR/KmdUtil.exe
-
Size
210KB
-
MD5
baafac8d8ee251bca4edd6ea69a9dd1b
-
SHA1
51a1e3fc7f4f7eaf5adcd2473f9f0e554df580d2
-
SHA256
5aa455646a51be2959ed4156634d32fc66fbc01efdf04b6f9e1cc9f9cf14ad9b
-
SHA512
92d0a14ce4531019ce59c4d1be90fb0448896dfc3945fad21d253b2e38228654b581e9d2fbe181fc84f812fc3c528d0479bc6cbb64ac0fbf1ae94cc6a3ab60bc
-
SSDEEP
3072:kEE3d21u1+H+CrH9vXrYiBOBPQug8a+QxXVAL8TIzKLPwSfWv:Fg1lCrH1XrYXBFJabBPwSev
Score 1/10
-
-
Target
$PLUGINSDIR/LangDLL.dll
-
Size
5KB
-
MD5
4cdaaf5da900a8eaed090cd22b8f8781
-
SHA1
6c7d9cfd96e66d236b66b8d50d65083a0dbb1b11
-
SHA256
09477d605677bea48019b896f068ce6c2e89004e5c5f0a86c0276db30c6515a6
-
SHA512
3797d59aeb908dcd66c63eca76cb2064416d3b66033dc687bc7a9c50e2979c42ac94773f54bc8ec45a9cd69c8056b83a2bca6efcd703f71a4b5f67e166f1e06d
-
SSDEEP
48:iV6HAvq8WeMPUptuM4Z+0x/ImnycNSCwVYOY4vnpXTHhHX/JvR0J/of5d2:2yplJ5ZbnycNSCwVYTwFB3ZR0Qd2
Score 3/10
-
-
Target
$PLUGINSDIR/SbieDll.dll
-
Size
877KB
-
MD5
d3d71408021b1387d010aa5370665313
-
SHA1
96964fe5f5ff893501dcae8be9537e9982793e51
-
SHA256
2bd7df683baf4fe51303aa3057fd14969b418a8ec42a14dff7f9d12c23d0ccdb
-
SHA512
8e0872575241c69b4d568ea2da76085cdce308ca7524142e3feaae89457b6bb32d091baf1d48f25a7a8196c724defd3e98cbedbcbf4a254aaa87b85819e062bc
-
SSDEEP
12288:rTK6eC69xNDKTjGN2gbW3FoW0qoY8qW52HlwI:rTKvX9yeMkWVoWRoEHOI
Score 1/10
-
-
Target
$PLUGINSDIR/SbieMsg.dll
-
Size
3.1MB
-
MD5
3514503abf2a97a66ddfeabfd21396ed
-
SHA1
31500856c7a5484064dd87c26f5983fd6f32f0cb
-
SHA256
773a72fcf792f426f9ae0e8889c9d9e765159baf40d734ce59e5bd5fedea736b
-
SHA512
872e564b8ed9b3bb3b94103215be655a09a81e106cc6afdaf2a30969bd3b95f417b6d79413238f7922f6c3c05fd3d09a05222e9bf889bfabdf8bdc26bca46aa2
-
SSDEEP
12288:rwVRRirSHvOUvkwOen9QwGLs61U5RXvPtu4HOcDIM2nOPCHT:rsi00wOenL361U5RXvPk4Hbw
Score 1/10
-
-
Target
$PLUGINSDIR/System.dll
-
Size
10KB
-
MD5
0ff5120f1afd0f295c2baa0f7192d3f8
-
SHA1
bde842d5d11005dcb4ff1d4ea97da31865477697
-
SHA256
4ca5bf1beb4b802914c4d3e2f37861f6ba5ecf969cfeadf5855edf58f647a721
-
SHA512
e049ffd7aace8d136eee007ee4f8dbc2ae8f3dce79d1c633d9654392240f8215787df8a6d08085257db51f28ff2a8023a13333dda3ea7f9bdc8b9c57b605f0a0
-
SSDEEP
192:Xv+cJZE61KRWJQO6tFiUdK7ckD4k7l1XRBm0w+NiHi1nSJ:Xf6rtFRdbQ1W+fn8
Score 3/10
-
-
Target
$PLUGINSDIR/Warning.ini
-
Size
412B
-
MD5
4d358b27a971751e0c517061c948d96a
-
SHA1
04b7bbc12f641edbcf8acb6eeb90508e0d6b810a
-
SHA256
74ee005ceb920094d99aa274ed37429efe439fbc10e9d238c78db4c836018a17
-
SHA512
753cae46b7fc94bea26fd479322395951eb64c6a1854bfc88182596a5babffae8fc51d1f36c70630ffa61abb514372f88c4063b50f7b33f9fd53f74f797e75f4
Score 1/10
-
-
Target
$PLUGINSDIR/ioSpecial.ini
-
Size
211B
-
MD5
e2d5070bc28db1ac745613689ff86067
-
SHA1
282e080b4cf847174c5c11e4f9157b8c338ecb19
-
SHA256
d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0
-
SHA512
a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de
Score 1/10
-
-
Target
$PLUGINSDIR/modern-wizard.bmp
-
Size
25KB
-
MD5
cbe40fd2b1ec96daedc65da172d90022
-
SHA1
366c216220aa4329dff6c485fd0e9b0f4f0a7944
-
SHA256
3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
-
SHA512
62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
-
SSDEEP
24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
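Score 7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
Note: this target is a bitmap image, so the registry lookup was presumably made by the application the sandbox used to open the file, not by the file itself. The task list appears to give the two runs of this file different scores (3 on windows7-x64, 7 on windows10-2004-x64), which is consistent with the signature firing on one platform only.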
-
-
-
Target
32/SbieDll.dll
-
Size
698KB
-
MD5
3a146a25de5d716d97ff10fe0263a890
-
SHA1
c9bb193c151c2c11767e1572ccae426d951e0eaf
-
SHA256
9dc4936d981a76d9955d046738639f8d42d49735093da16ee6a95155a11a81f2
-
SHA512
bfd22dc81b66d92a85eb2eec9bf775f36120fee2e2255f6090090101d523d5e57bbac30c803a4116e665879daa258b50a8e199bbbeb992b09a49861b8867bd7c
-
SSDEEP
12288:QdF3zvvr0W1kRnk4L7pTOaqlg3CeUVgZdNCqVaXCGM5PPep03A:+3zvIW14kw1O9g3CzVAdNCqVaXCXP3A
Score 3/10
-
-
Target
32/SbieSvc.exe
-
Size
309KB
-
MD5
b4c0a56739a0e19420607fa4478f3f5c
-
SHA1
812489cf499c952f5414abe447884a536bccda2f
-
SHA256
3f33a3c02fea8b600cf23f7da51e571f5f0080423f5c13b492708b535886f568
-
SHA512
f64db6143c0df8afb40204877ae4c0c18ca432d2681bc28392cfb9b29f228f94e5ba2a996d3f122b705c06dd6f17a691f7ed2f2b20464d24a67c41337b63c54c
-
SSDEEP
6144:+mnLX/XlqjiE5BNxO4m4ziCqigC3QD48mUaCue1oYcxnDUWz:jLX/VlehO4m42Cqi/QDxuegxnDUU
Score 1/10
-
-
Target
KmdUtil.exe
-
Size
210KB
-
MD5
baafac8d8ee251bca4edd6ea69a9dd1b
-
SHA1
51a1e3fc7f4f7eaf5adcd2473f9f0e554df580d2
-
SHA256
5aa455646a51be2959ed4156634d32fc66fbc01efdf04b6f9e1cc9f9cf14ad9b
-
SHA512
92d0a14ce4531019ce59c4d1be90fb0448896dfc3945fad21d253b2e38228654b581e9d2fbe181fc84f812fc3c528d0479bc6cbb64ac0fbf1ae94cc6a3ab60bc
-
SSDEEP
3072:kEE3d21u1+H+CrH9vXrYiBOBPQug8a+QxXVAL8TIzKLPwSfWv:Fg1lCrH1XrYXBFJabBPwSev
Score 1/10
-
-
Target
LICENSE.TXT
-
Size
762B
-
MD5
0d8cd0c582ae66de515fb8bde81a4aca
-
SHA1
3e4604cba2be3894f33176a873e906a2b788c1eb
-
SHA256
b4258283b3a0d9d6213e78557149f96d0538fc066d114871a4e23dd1e760c3d1
-
SHA512
ec5e82df0451e0f9d7efe3d2226993f091c7e9f84aa78c043a6707abe9333cf2760eb96c6903c0508f2d35b269604404c8fc0cd5c1412599ed11cd76fcc7325b
Score 1/10
-
-
Target
Manifest0.txt
-
Size
2B
-
MD5
81051bcc2cf1bedf378224b0a93e2877
-
SHA1
ba8ab5a0280b953aa97435ff8946cbcbb2755a27
-
SHA256
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
-
SHA512
1b302a2f1e624a5fb5ad94ddc4e5f8bfd74d26fa37512d0e5face303d8c40eee0d0ffa3649f5da43f439914d128166cb6c4774a7caa3b174d7535451eb697b5d
Score 1/10