Overview
overview
6Static
static
1EdgeUpdate...64.exe
windows7-x64
EdgeUpdate...64.exe
windows10-2004-x64
EdgeUpdate...te.exe
windows7-x64
6EdgeUpdate...te.exe
windows10-2004-x64
6EdgeUpdate...er.exe
windows7-x64
3EdgeUpdate...er.exe
windows10-2004-x64
3EdgeUpdate...64.exe
windows7-x64
5EdgeUpdate...64.exe
windows10-2004-x64
5EdgeUpdate...re.exe
windows7-x64
3EdgeUpdate...re.exe
windows10-2004-x64
3EdgeUpdate...nd.exe
windows7-x64
3EdgeUpdate...nd.exe
windows10-2004-x64
3EdgeUpdate...up.exe
windows7-x64
4EdgeUpdate...up.exe
windows10-2004-x64
4EdgeUpdate...te.dll
windows7-x64
6EdgeUpdate...te.dll
windows10-2004-x64
3EdgeUpdate...af.dll
windows7-x64
3EdgeUpdate...af.dll
windows10-2004-x64
3EdgeUpdate...am.dll
windows7-x64
3EdgeUpdate...am.dll
windows10-2004-x64
3EdgeUpdate...ar.dll
windows7-x64
3EdgeUpdate...ar.dll
windows10-2004-x64
3EdgeUpdate...as.dll
windows7-x64
3EdgeUpdate...as.dll
windows10-2004-x64
3EdgeUpdate...az.dll
windows7-x64
3EdgeUpdate...az.dll
windows10-2004-x64
3EdgeUpdate...bg.dll
windows7-x64
3EdgeUpdate...bg.dll
windows10-2004-x64
3EdgeUpdate...IN.dll
windows7-x64
3EdgeUpdate...IN.dll
windows10-2004-x64
3EdgeUpdate...bn.dll
windows7-x64
3EdgeUpdate...bn.dll
windows10-2004-x64
3Analysis
-
max time kernel
148s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
25-08-2024 19:39
Static task
static1
Behavioral task
behavioral1
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeComRegisterShellARM64.exe
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral2
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeComRegisterShellARM64.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdate.exe
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral4
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdate.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateBroker.exe
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral6
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateBroker.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateComRegisterShell64.exe
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral8
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateComRegisterShell64.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateCore.exe
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral10
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateCore.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateOnDemand.exe
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral12
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateOnDemand.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateSetup.exe
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral14
Sample
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateSetup.exe
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
EdgeUpdate/1.3.195.15/msedgeupdate.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral16
Sample
EdgeUpdate/1.3.195.15/msedgeupdate.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_af.dll
Resource
win7-20240729-en
windows7-x64
Behavioral task
behavioral18
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_af.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_am.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral20
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_am.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_ar.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral22
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_ar.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_as.dll
Resource
win7-20240704-en
windows7-x64
Behavioral task
behavioral24
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_as.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_az.dll
Resource
win7-20240708-en
windows7-x64
Behavioral task
behavioral26
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_az.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_bg.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral28
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_bg.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_bn-IN.dll
Resource
win7-20240705-en
windows7-x64
Behavioral task
behavioral30
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_bn-IN.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_bn.dll
Resource
win7-20240729-en
windows7-x64
Behavioral task
behavioral32
Sample
EdgeUpdate/1.3.195.15/msedgeupdateres_bn.dll
Resource
win10v2004-20240802-en
windows10-2004-x64
General
-
Target
EdgeUpdate/1.3.195.15/MicrosoftEdgeUpdateSetup.exe
-
Size
1.6MB
-
MD5
90decc230b529e4fd7e5fa709e575e76
-
SHA1
aa48b58cf2293dad5854431448385e583b53652c
-
SHA256
91f0deec7d7319e57477b74a7a5f4d17c15eb2924b53e05a5998d67ecc8201f2
-
SHA512
15c0c5ef077d5aca08c067afbc8865ad267abd7b82049655276724bce7f09c16f52d13d69d1449888d8075e13125ff8f880a0d92adc9b65a5171740a7c72df03
-
SSDEEP
49152:ciEa3J/lPA552bT8TCKpxVt2sl0TD5yncADYOS0jZ2/vgm9d3:cirIOoT9pnt9l45mcADRS0SRb3
Malware Config
Signatures
-
Drops file in Program Files directory 64 IoCs
description ioc Process File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ta.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_bn-IN.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_kok.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_nn.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ug.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\MicrosoftEdgeUpdateComRegisterShell64.exe MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_mr.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ml.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_nb.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_pt-BR.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_te.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_de.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ca-Es-VALENCIA.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_it.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_az.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdate.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_is.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_lb.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_quz.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ur.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_as.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_lo.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_sr-Latn-RS.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ro.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_sq.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_et.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_pt-PT.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_nl.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_sr-Cyrl-BA.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_el.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_es.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_da.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_fa.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_lt.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_uk.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_mi.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_mk.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ca.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_gu.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_sr.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_th.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\MicrosoftEdgeUpdateBroker.exe MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\psmachine.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_fil.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_kn.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_or.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\NOTICE.TXT MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_bg.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_tt.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_en.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_fi.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ko.dll MicrosoftEdgeUpdateSetup.exe File opened for modification C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\MicrosoftEdgeUpdateSetup.exe MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_ar.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_tr.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\psmachine_64.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\psmachine_arm64.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_sl.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_sv.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_am.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_sk.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\msedgeupdateres_cy.dll MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\MicrosoftEdgeUpdateSetup.exe MicrosoftEdgeUpdateSetup.exe File created C:\Program Files (x86)\Microsoft\Temp\EU755F.tmp\psuser_64.dll MicrosoftEdgeUpdateSetup.exe -
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language MicrosoftEdgeUpdateSetup.exe