Overview

overview

10

Static

static

3

sandboxie-5-69-6.exe

windows11-21h2-x64

$PLUGINSDI...ns.dll

windows11-21h2-x64

$PLUGINSDI...il.exe

windows11-21h2-x64

10

$PLUGINSDI...LL.dll

windows11-21h2-x64

8

$PLUGINSDI...ll.dll

windows11-21h2-x64

1

$PLUGINSDI...sg.dll

windows11-21h2-x64

1

$PLUGINSDI...em.dll

windows11-21h2-x64

3

32/SbieDll.dll

windows11-21h2-x64

3

32/SbieSvc.exe

windows11-21h2-x64

3

KmdUtil.exe

windows11-21h2-x64

1

SandboxieBITS.exe

windows11-21h2-x64

1

SandboxieCrypto.exe

windows11-21h2-x64

1

SandboxieD...ch.exe

windows11-21h2-x64

8

SandboxieRpcSs.exe

windows11-21h2-x64

1

SandboxieWUAU.exe

windows11-21h2-x64

1

SbieCtrl.exe

windows11-21h2-x64

1

SbieDll.dll

windows11-21h2-x64

1

SbieDrv.sys

windows11-21h2-x64

1

SbieIni.exe

windows11-21h2-x64

1

SbieMsg.dll

windows11-21h2-x64

1

SbieSvc.exe

windows11-21h2-x64

1

SboxHostDll.dll

windows11-21h2-x64

1

Start.exe

windows11-21h2-x64

1

UpdUtil.exe

windows11-21h2-x64

1

whatsnew.html

windows11-21h2-x64

3

Analysis

  • max time kernel
    1799s
  • max time network
    1482s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240802-en
  • resource tags

    arch:x64arch:x86image:win11-20240802-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    21-08-2024 19:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SbieCtrl.exe

  • Size

    3.2MB

  • MD5

    8d678d2d08fc83abda7064903c0cb0dd

  • SHA1

    3244f38b720fd95ff3dced0db4a77da25cb7a098

  • SHA256

    c3da60381751b387a09f7ffc045379783e5d9975ad3e2521aa893f1bb7b02e53

  • SHA512

    b76b6e74f82280e823af2498d3acd7d70f701cc16ce35c0fd8c0b5a97804c0fc4359876a5726ab8bc0c0ff69664e633fbd867a575f12d9cb170c7b12121c73fa

  • SSDEEP

    49152:IV5dT9dkI2f7IwfOFOUhpxTNnpL2xtIQYkPjGObfvES3xoRZAamMPtKLUIH27CYG:IJfWxtIRWfvEqoiMPALUIWWYijZ

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SbieCtrl.exe
    "C:\Users\Admin\AppData\Local\Temp\SbieCtrl.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads