73e7ea40a38cb32af35fdc3a66c7af3b86c40ee0af97f187186c21634db4864e | Triage

Submit
Reports

Overview

overview

Static

static

9

qL7tumRgxLj.zip

windows7-x64

1

qL7tumRgxLj.zip

windows10-2004-x64

1

README.txt

windows7-x64

1

README.txt

windows10-2004-x64

1

openMe.rar

windows7-x64

3

openMe.rar

windows10-2004-x64

3

Boostrap/Solara X.exe

windows7-x64

Boostrap/Solara X.exe

windows10-2004-x64

$TEMP/Animated

windows7-x64

1

$TEMP/Animated

windows10-2004-x64

1

$TEMP/Bennett

windows7-x64

1

$TEMP/Bennett

windows10-2004-x64

1

$TEMP/Broker

windows7-x64

1

$TEMP/Broker

windows10-2004-x64

1

$TEMP/Dell

windows7-x64

1

$TEMP/Dell

windows10-2004-x64

1

$TEMP/Departments

windows7-x64

1

$TEMP/Departments

windows10-2004-x64

1

$TEMP/Grow

windows7-x64

1

$TEMP/Grow

windows10-2004-x64

1

$TEMP/Implementing

windows7-x64

1

$TEMP/Implementing

windows10-2004-x64

1

$TEMP/Int

windows7-x64

1

$TEMP/Int

windows10-2004-x64

1

$TEMP/Invalid

windows7-x64

1

$TEMP/Invalid

windows10-2004-x64

1

$TEMP/Italiano

windows7-x64

1

$TEMP/Italiano

windows10-2004-x64

1

$TEMP/Jd

windows7-x64

1

$TEMP/Jd

windows10-2004-x64

1

$TEMP/Latitude

windows7-x64

1

$TEMP/Latitude

windows10-2004-x64

1

Analysis

max time kernel
142s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
19-06-2024 08:53

Sharing

Static task

static1

cryptone packer

2 signatures

Behavioral task

behavioral1

Sample

qL7tumRgxLj.zip

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

qL7tumRgxLj.zip

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

README.txt

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

README.txt

Resource

win10v2004-20240508-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

openMe.rar

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral6

Sample

openMe.rar

Resource

win10v2004-20240508-en

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral7

Sample

Boostrap/Solara X.exe

Resource

win7-20240611-en

discovery spyware stealer

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral8

Sample

Boostrap/Solara X.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral9

Sample

$TEMP/Animated

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

$TEMP/Animated

Resource

win10v2004-20240508-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

$TEMP/Bennett

Resource

win7-20240611-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

$TEMP/Bennett

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

$TEMP/Broker

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

$TEMP/Broker

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

$TEMP/Dell

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

$TEMP/Dell

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

$TEMP/Departments

Resource

win7-20240419-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

$TEMP/Departments

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

$TEMP/Grow

Resource

win7-20240611-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

$TEMP/Grow

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

$TEMP/Implementing

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

$TEMP/Implementing

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

$TEMP/Int

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

$TEMP/Int

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

$TEMP/Invalid

Resource

win7-20240611-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

$TEMP/Invalid

Resource

win10v2004-20240226-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

$TEMP/Italiano

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

$TEMP/Italiano

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

$TEMP/Jd

Resource

win7-20240508-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

$TEMP/Jd

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

$TEMP/Latitude

Resource

win7-20240611-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

$TEMP/Latitude

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

$TEMP/Invalid
Size

36KB
MD5

8d197d72538081c816efeda249495cca
SHA1

3c84d5fef55f7eeb1fccc0f4ed700fe8587569c4
SHA256

29c1a164753a237fb56cfdab0339607f393744ac8a12c77f524f7d1bc65a151c
SHA512

01208bf32d43002da34e7bfd5d2d2a9f73bb5d452e042bc639266b273c93bae24123994351ca0d446e1665d897af3b3d304bbb3e285f49cfaf72f197b7d0060b
SSDEEP

768:jB4y+aZmzddtw1E1Yd5dArqsfGuYJhLgBF9OR7F8ufnzh:jB4MmHtt1OPeRQnzh

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\$TEMP\Invalid
1⤵
PID:648

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1424 --field-trial-handle=1928,i,13242902252791919845,10377620236057253993,262144 --variations-seed-version /prefetch:8
1⤵
PID:2652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy