Overview

overview

10

Static

static

10

ScanGuard_Setup.exe

windows11-21h2-x64

$APPDATA/S...te.exe

windows11-21h2-x64

1

$APPDATA/S...io.dll

windows11-21h2-x64

3

$APPDATA/S...lt.sys

windows11-21h2-x64

1

$APPDATA/S...bb.sys

windows11-21h2-x64

1

$APPDATA/S...gr.sys

windows11-21h2-x64

1

$APPDATA/S...io.dll

windows11-21h2-x64

3

$APPDATA/S...lt.sys

windows11-21h2-x64

1

$APPDATA/S...bb.sys

windows11-21h2-x64

1

$APPDATA/S...gr.sys

windows11-21h2-x64

$APPDATA/S...io.dll

windows11-21h2-x64

3

$APPDATA/S...lt.sys

windows11-21h2-x64

1

$APPDATA/S...bb.sys

windows11-21h2-x64

1

$APPDATA/S...gr.sys

windows11-21h2-x64

1

$APPDATA/S...io.dll

windows11-21h2-x64

3

$APPDATA/S...lt.sys

windows11-21h2-x64

1

Microsoft....cs.dll

windows11-21h2-x64

1

Microsoft....es.dll

windows11-21h2-x64

1

Microsoft....er.dll

windows11-21h2-x64

1

Microsoft.CSharp.dll

windows11-21h2-x64

1

Microsoft....86.dll

windows11-21h2-x64

1

Microsoft....ns.dll

windows11-21h2-x64

1

Microsoft....er.dll

windows11-21h2-x64

1

Microsoft....on.dll

windows11-21h2-x64

1

Microsoft....ns.dll

windows11-21h2-x64

1

Microsoft....on.dll

windows11-21h2-x64

1

Microsoft....ns.dll

windows11-21h2-x64

1

Microsoft....ng.dll

windows11-21h2-x64

1

Microsoft....ns.dll

windows11-21h2-x64

1

Microsoft....es.dll

windows11-21h2-x64

1

Microsoft....ns.dll

windows11-21h2-x64

1

Microsoft....re.dll

windows11-21h2-x64

1

Resubmissions

10/07/2024, 23:05 UTC

240710-223vfsvemm 10

Analysis

  • max time kernel
    1794s
  • max time network
    1804s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240709-en
  • resource tags

    arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    10/07/2024, 23:05 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/ScanGuard/updates/SAVAPI 11.0.1/on_access/win32/win7/avipbb.sys

  • Size

    169KB

  • MD5

    a17862525867081a577923e210604a64

  • SHA1

    9b6f498bbda86fc464d6e5094bc8529ecd3e7579

  • SHA256

    2bf4e12f41f8d78737592b7f29b55206b2df15411cc2943e678f52096289d06f

  • SHA512

    e33c701cad149844913e5853187e4bbf43f6bc230fccaec21c847b373da7299849f2f3d93e6a07dc2c3c774f5119a31f0f44ed77821cc1e8dda93661e620b2ca

  • SSDEEP

    3072:E6zDMkFB5rqrDX7r5E2wnyKVxqxJNxBIRxUcx5VEv3QuhznmZmopCn7:3zDMU5cHq2wn/EJNIRxXx5KB1Omo07

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\$APPDATA\ScanGuard\updates\SAVAPI 11.0.1\on_access\win32\win7\avipbb.sys"
    1⤵
      PID:3120
      • C:\Users\Admin\AppData\Local\Temp\$APPDATA\ScanGuard\updates\SAVAPI 11.0.1\on_access\win32\win7\avipbb.sys
        "C:\Users\Admin\AppData\Local\Temp\$APPDATA\ScanGuard\updates\SAVAPI 11.0.1\on_access\win32\win7\avipbb.sys"
        2⤵
          PID:2244

      Network

        No results found
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls
        2.0kB
         7.2kB
         18
        14
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls
        1.6kB
         7.2kB
         17
        14
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls
        112.8kB
         3.3MB
         2363
        2359
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls
        2.0kB
         7.2kB
         18
        15
      • 150.171.28.10:443
        tse1.mm.bing.net
        tls
        1.6kB
         7.2kB
         17
        15
      No results found

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2244-0-0x0000000000010000-0x000000000003D000-memory.dmp

        Filesize

        180KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.