Analysis

  • max time kernel
    150s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14/06/2024, 01:13

General

  • Target

    BuildBox-2-3-3_Loader_Setup.exe

  • Size

    616KB

  • MD5

    ec7acd8acab5bf247491004d68ca89c6

  • SHA1

    1b8b393b753d3946220704437d4fbbddac69aa69

  • SHA256

    c27d61a5fa480cb181aab2b5d5645dbefc24b2d7cf7a6d4d616f203d79fd7ea8

  • SHA512

    058dbf07312139b13f03668fa6984cd5bd9a612901b83fbd79f45c36837b9e789895c45d58854398ee8de9dc2d167ce2870eb67485126185627fbcc30caf92d2

  • SSDEEP

    12288:i7blM9ncHg42Om2KgXY3o1HUeI7VtIw2kB2K6sOT:i7blinY32Om2KgErxV+w2kB2NT

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BuildBox-2-3-3_Loader_Setup.exe
    "C:\Users\Admin\AppData\Local\Temp\BuildBox-2-3-3_Loader_Setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2932
    • C:\Users\Admin\AppData\Local\Temp\is-DLT7J.tmp\BuildBox-2-3-3_Loader_Setup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-DLT7J.tmp\BuildBox-2-3-3_Loader_Setup.tmp" /SL5="$60210,219014,111104,C:\Users\Admin\AppData\Local\Temp\BuildBox-2-3-3_Loader_Setup.exe"
      2⤵
      • Executes dropped EXE
      PID:2608

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\is-DLT7J.tmp\BuildBox-2-3-3_Loader_Setup.tmp

          Filesize

          749KB

          MD5

          bf2f40b3ef26293972ae05a112c2f15c

          SHA1

          84656cc88b61450fefa1ca3589af916285ecd0fb

          SHA256

          ce58c94531faedbca16e1cb6beff233b5506276a86ab00effbe7a73fd3ae3e86

          SHA512

          87f65ecede50253d48b58a740c86b13b00f4410f76294b5b0ded47e47daea4cd9611d2691d0f56881b153b99668bcb6bea9260b8a9ba9ec7dd9ffba30b7a11f3

        • memory/2608-6-0x0000000000400000-0x00000000004CB000-memory.dmp

          Filesize

          812KB

        • memory/2608-9-0x0000000000400000-0x00000000004CB000-memory.dmp

          Filesize

          812KB

        • memory/2932-0-0x0000000000400000-0x0000000000422000-memory.dmp

          Filesize

          136KB

        • memory/2932-3-0x0000000000401000-0x000000000040C000-memory.dmp

          Filesize

          44KB

        • memory/2932-8-0x0000000000400000-0x0000000000422000-memory.dmp

          Filesize

          136KB