Analysis
- max time kernel: 1190s
- max time network: 1203s
- platform: windows10-2004_x64
- resource: win10v2004-20240226-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 27-06-2024 21:25
Behavioral tasks
- behavioral1: Sample Driver.dll, Resource win10v2004-20240226-en
- behavioral2: Sample FNknoxV1.exe, Resource win7-20240611-en
- behavioral3: Sample FNknoxV1.exe, Resource win10v2004-20240508-en
- behavioral4: Sample mciavi32.dll, Resource win10v2004-20240611-en
- behavioral5: Sample spwizimg.dll, Resource win10v2004-20240508-en
General
- Target: Driver.dll
- Size: 242KB
- MD5: 9a41f2a54a2fa0b81b2511e32e914f2c
- SHA1: 3276c4d7be73019a6a7fe8e218a98228ac930ce4
- SHA256: 3cc04edaa12d7feed849f1b88e10d49b948b1ef2a62e197ac35d41e5b35dbfcc
- SHA512: 8fd80dc238b3d8d75797720dc6117ff41b7064804ee243bc3e5d5c847c20856a22b30d9ed579aa1b565fc57c65bd138d913069a26cb71a93b0134b77df36dc27
- SSDEEP: 3072:2QaHp8CKxa1Kd0B7itS5jWqJgvFmtPb9WxBvk4rFTbRL2LP/jWoF3tK8cDL6v51y:2QFPxm5BetSEqJgtibSs4HvD4YQ
Malware Config
Signatures
Processes
- Image: C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\Driver.dll,#1
  PID: 4820
- Image: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3592 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8
  PID: 1620
- Image: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  Command line: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=2364 --field-trial-handle=2328,i,5873823382323802923,13134441441264702821,262144 --variations-seed-version /prefetch:8
  PID: 4456