Overview

overview

6

Static

static

1

XboxInstaller.exe

windows7-x64

6

XboxInstaller.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    20/06/2024, 06:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    XboxInstaller.exe

  • Size

    13.4MB

  • MD5

    33c9518c086d0cca4a636bc86728485e

  • SHA1

    2420ad25e243ab8905b49f60fe7fb96590661f50

  • SHA256

    ba30ea16cd8fbd9209d40ae193206ad00f042d100524cf310982c33369325ca2

  • SHA512

    6c2c470607b88e7cd79411b7a645b395cee3306a23e6ba50b8ac57f7d5529a1b350c34e19da69aeb1ffade44d5187b4a1ef209a53d21a83e9e35add10fc7867d

  • SSDEEP

    49152:W/XzWTJmbjeHLKLpyNpaQ+69tPvGUmskDXs4Awd9CBqcUiInvlT2hPnXiwzYJ33S:W/EmGrKL2pllzP+UNkEARmzY1C

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of FindShellTrayWindow 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\XboxInstaller.exe
    "C:\Users\Admin\AppData\Local\Temp\XboxInstaller.exe"
    1⤵
    • Enumerates connected drives
    • Suspicious use of FindShellTrayWindow
    PID:2020

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2020-0-0x000000007414E000-0x000000007414F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2020-1-0x0000000001340000-0x00000000020AA000-memory.dmp

    Filesize

    13.4MB

    Download

  • memory/2020-2-0x0000000074140000-0x000000007482E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2020-4-0x00000000002A0000-0x00000000002AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-3-0x00000000002A0000-0x00000000002AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-6-0x0000000074140000-0x000000007482E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2020-10-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-12-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-13-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-11-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-9-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-14-0x000000007414E000-0x000000007414F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2020-15-0x0000000074140000-0x000000007482E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2020-17-0x00000000002A0000-0x00000000002AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-16-0x00000000002A0000-0x00000000002AA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-18-0x0000000074140000-0x000000007482E000-memory.dmp

    Filesize

    6.9MB

    Download

  • memory/2020-22-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-23-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-21-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-20-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2020-19-0x0000000000B20000-0x0000000000B2A000-memory.dmp

    Filesize

    40KB

    Download