Overview

overview

10

Static

static

10

08b3af2d27...75.exe

windows7-x64

7

08b3af2d27...75.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-06-2024 01:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975.exe

  • Size

    38.8MB

  • MD5

    66f27b9ac5cf21dd0a6d652ba911ee81

  • SHA1

    be7af43e7eaa67aab2905868d1e1b8c6437aa526

  • SHA256

    08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975

  • SHA512

    21cf518b88fe15b0d9d2e83037f57f2ac47eddb8e23ac7b2d760cb1ef1da39e1021869e78c5fb03beb1cbfbab57cd1272e75b1d7f17160735f27ed823d08a087

  • SSDEEP

    393216:Z+tYgsxPOzdUaOoVLB0lrwKUhOVTKLbBbD90NkVbUsTIDoL8qts5sr:kY5kOlrk6TKLbB3Vaq/

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975.exe
    "C:\Users\Admin\AppData\Local\Temp\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975.exe"
    1⤵
    • Loads dropped DLL
    PID:3240
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4356,i,15142778360084620907,1763097090506261076,262144 --variations-seed-version --mojo-platform-channel-handle=4380 /prefetch:8
    1⤵
      PID:4232

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\Microsoft.Win32.Primitives.dll
      Filesize

      7KB

      MD5

      8d41f9009844e3407a1e3d4a2ef0aa8c

      SHA1

      8f40d3bc455820acc205b9c15febe9b6b986a155

      SHA256

      6774e830aeb8413761b0e0d716354644c283af35430fdbc86617f1253a3ccff0

      SHA512

      90ac0505b6304360e0f455f9566b199297350d89f662fcd7d47ac8d3306e995bf1ea61ce25a5f83bd27b0534d1a5f9444d3005e6ec5959146570a312418a8546

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\RWDWrapper.dll
      Filesize

      139KB

      MD5

      2d200dedc7a52471b7641aeacb2921c4

      SHA1

      8dc2e28932b943649e2e0f8e78c68c5d150f78a7

      SHA256

      d9f9dd10b6a0a5cf4bd2997aa0544f370d3c04651addd6afd9ab7e35ee3f1518

      SHA512

      090c745c8f630147427a212d605b81f0e3d7b6f5d9bb2d284fd07575bc356c5a7ca2111c4f9108d0e062848a7d5072585d08c5a70700efd9922f684b33b797d1

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\System.ComponentModel.Primitives.dll
      Filesize

      20KB

      MD5

      0c9845f41513a2631dcf42450688a37e

      SHA1

      bd229b06b21d76066eb88f3228b09c8db89958c0

      SHA256

      161fababb5153bafdbf7f44e4cfc2ae871d99c4d70db19e29ffe37726c81e61f

      SHA512

      9a54cdae021d54e5585c5bd926c9ba6f9a2568480985d57f5da5bc8d13535516d81fbde563dad476203c47b3754072ded01fe61ca85624120767d291b0e98366

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\System.Console.dll
      Filesize

      61KB

      MD5

      e58dd22613bc197df11ed11216b55bab

      SHA1

      41e1749ecf1d5ac07c9246e4a8540ed9dba35bc6

      SHA256

      3655e6959628574de2c73654e8c68fe0347851032ef3035b40e5e9e8e193b31a

      SHA512

      baf66148773310e49b12982db8215459d9f6a528b4fe0f917b5a865ce4dc45ef71f37b0d02f4c6ef2ab6e29c96e8806ef1c19e20f5f7df4a9562c63318afbbaa

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\System.Diagnostics.Process.dll
      Filesize

      102KB

      MD5

      6a98818f32f106020784cc241f7686f5

      SHA1

      1111531dd9b45766ad14c8be21c5f518ca8b2386

      SHA256

      953a575cf40f5601fcf87e56e165dfab1f4939edf7d0d8d0ed0f4c13c33a8ef9

      SHA512

      664869eedea023ba672a9b88b59fb6d0e80f60aaa2c331d6c869f30ba131025c95a737212cd55bd7e19c4129652b9f3daceb74358276b65fca9eb4432fa38974

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\System.IO.FileSystem.dll
      Filesize

      83KB

      MD5

      2332d90506ceccfdb300e74c9c3c2ab2

      SHA1

      05c0663eba2c20ed5f3091fad3e47c69b65fa391

      SHA256

      6d032b47e4f85aeb52ceab958bace26aa65243894ab09c1cd9fb712ca0f45f58

      SHA512

      c9548a28cae3ba6ba723e31ede90fdd9dfd9fade725aa9605de6d069420425f4848eb3a936d78c3a24e495bee66f9b0080566046a2543f2308ce1da1203b050f

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\System.Private.CoreLib.dll
      Filesize

      9.1MB

      MD5

      57ad62b9d084fa2ef202892517a296dd

      SHA1

      1e8a884d106df88812b83bc17a7a6b3c24d74b4e

      SHA256

      c0da460231ccf40041c90b79b9c6e4ea59ab1562e553d9e23788354fbeef5b02

      SHA512

      4d3eb3d77ccb80c54acc15952527ad246cae2d1f7b3ddf0d7e3145dcb0c37f13cdd4cc8b5314057ee127d8af88b3fa361c29a5af3916fbce65697bd1a85a786c

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\System.Security.Claims.dll
      Filesize

      37KB

      MD5

      66986baf160237749a1e80b1535d0f8b

      SHA1

      8896b7b59793fb06d52e0fce5d1fdf1f5aefe694

      SHA256

      cd05e15b32f9e9a45fc5730708d979a41da43893e9d3eb9509a6e88db104b9f6

      SHA512

      288af028476c46b95e5d744532e36f83ca4952656c7e9e321de5c6e1c1b956dc88f2dcd846b61a0aa3211686dccbe8fbe75032ee8d6bdab853cfe45347cfa4b6

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\System.Security.Principal.dll
      Filesize

      14KB

      MD5

      38f2196ef024547c680d5e5e0673e611

      SHA1

      203c625ab917bea623a24a7f0f4a44be18af865c

      SHA256

      2c766be11c8b9ca8f1c838ea74972aca1c51c96ee14ea1911b0c13a1fd456368

      SHA512

      8e05af95ccb9b4d4cc999a9ad9d2a3d76b193e4860a4ed31f4c31577fe7aef742aa17410824c54868277d8cc0d07cd25183caf9fac45747301e7982f5d081c15

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\clrjit.dll
      Filesize

      1.2MB

      MD5

      cbd2aaa58e463492afa6d251b10558ef

      SHA1

      7235789f730868f78f3db183871eb27a22b8f86d

      SHA256

      a14232fefe2f922b7fdc98338cb47eb769f13bee756edb269b6c0e62a29fe4f1

      SHA512

      90a58582361bf04baa353373233437411e544cdae0d99ba531349699df528a90b188d5b9b9404c9fd5bc4b054bcaf03606f6643ec3f6e7dee6756bac0b468ad0

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\coreclr.dll
      Filesize

      5.3MB

      MD5

      1b66ba3e5018d8a72433be018b7165bb

      SHA1

      644f6194166a270c473bbeaa38089a257fa3c291

      SHA256

      c956c6551e44bd33f237e7dc7b058f56f9acf959d854b185a81efd7340cc7552

      SHA512

      2d6be521fbf509b6dda91c6a6fcc8db71a8214fc27156d24b2a7d7c07b59f7e9da3a2dc5ea26cef9db8cda716dec380fd5359349e0900f8a92c5c50f40f5d2a2

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\hostfxr.dll
      Filesize

      586KB

      MD5

      f2ba4fd414a6a1a698b20768e3dce4b6

      SHA1

      f4a4082454fdbd64043b7a9abd89def9622949ab

      SHA256

      4996064bf4462a05f66995a1cfa92856783134b520e6f3098b85dad57e0dce44

      SHA512

      a4b9fc9d30c72ace970e82988cee49c9da2ecca813c01933d25b175cc57f9d68d61466f35ecc4754ce6cb4ea5563e533e09821e2fab461341f2e909114069652

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\.net\08b3af2d274e8354fea20a012aabec073d153031992b023d14ce2322cd030975\b5otnzr1.o5p\hostpolicy.dll
      Filesize

      577KB

      MD5

      1d98c4642c5df87d02122a5d1b76aac0

      SHA1

      f8790ac5b9a97182130fb18da2fa74eef4ef1d18

      SHA256

      8fd5bc9fe7eec0a06aea516e98c239a548060ede87126f077d3bf811c412fa5c

      SHA512

      ee17d6c1bb52ac68c1deeb6ac25b2b65b3725828efc184809f80ab20a26bcbb001677ed3ab45bcfa3a372cd4e65bebe8c9c901d96da277fc727c2f0d6df89b0b

      Download Submit

    • memory/3240-146-0x00007FFAFC436000-0x00007FFAFC437000-memory.dmp

      Filesize

      4KB

      Download