Overview

overview

10

Static

static

4

Terabox_1.32.0.1.exe

windows7-x64

10

Terabox_1.32.0.1.exe

windows10-2004-x64

4

$PLUGINSDI...fg.ini

windows7-x64

1

$PLUGINSDI...fg.ini

windows10-2004-x64

1

$PLUGINSDI...fo.xml

windows7-x64

3

$PLUGINSDI...fo.xml

windows10-2004-x64

1

AppProperty.xml

windows7-x64

3

AppProperty.xml

windows10-2004-x64

1

AutoUpdate...fo.xml

windows7-x64

3

AutoUpdate...fo.xml

windows10-2004-x64

1

AutoUpdate/config.ini

windows7-x64

1

AutoUpdate/config.ini

windows10-2004-x64

1

CEF license.txt

windows7-x64

1

CEF license.txt

windows10-2004-x64

1

ChromeManifest.json

windows7-x64

3

ChromeManifest.json

windows10-2004-x64

3

DuiEngine license.txt

windows7-x64

1

DuiEngine license.txt

windows10-2004-x64

1

TeraBoxTor...le.ico

windows7-x64

3

TeraBoxTor...le.ico

windows10-2004-x64

3

VersionInfo

windows7-x64

1

VersionInfo

windows10-2004-x64

1

VersionInfo2

windows7-x64

1

VersionInfo2

windows10-2004-x64

1

autobackup.ico

windows7-x64

3

autobackup.ico

windows10-2004-x64

3

browserres/cef.pak

windows7-x64

3

browserres/cef.pak

windows10-2004-x64

3

browserres...nt.pak

windows7-x64

3

browserres...nt.pak

windows10-2004-x64

3

browserres...nt.pak

windows7-x64

3

browserres...nt.pak

windows10-2004-x64

3

Resubmissions

27-11-2024 20:39

241127-zfpdtszjes 6

27-11-2024 20:33

241127-zbwbksvqhl 6

25-11-2024 22:14

241125-15w1mswlcp 6

25-11-2024 20:57

241125-zryrmswke1 6

28-09-2024 18:21

240928-wzje5ssdlc 10

Analysis

  • max time kernel
    92s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28-09-2024 18:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Terabox_1.32.0.1.exe

  • Size

    85.5MB

  • MD5

    b73657d85fe21f889cdbaf4f1724ff57

  • SHA1

    c10e0f8cf0abda003931c5b27ce2416a076b0478

  • SHA256

    9ed5767db68fb669b3f18a0565cae471ee3800b94a187c4512e5a6691797c511

  • SHA512

    b013b7015e90043e2d8c021d9ea9a87505c36ffcb4619eb5fd06bd0e2c5742c3bc3fddc3a448112def652ab26d5372fee4a2d6f95c3c5ce09a000ffb7bf457f1

  • SSDEEP

    1572864:yBumaBVNigHypMDTKWRhvRL7b3NWPVQ6kzjn:yBumaRigyp8TDRhvRD3APVr6jn

Score
4/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: EnumeratesProcesses 28 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Terabox_1.32.0.1.exe
    "C:\Users\Admin\AppData\Local\Temp\Terabox_1.32.0.1.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: EnumeratesProcesses
    PID:1868

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\nsh71C7.tmp\NsisInstallUI.dll
    Filesize

    1.8MB

    MD5

    69b36f5513e880105fe0994feef54e70

    SHA1

    57b689dbf36719e17a9f16ad5245c8605d59d4c0

    SHA256

    531d1191eded0bf76abb40f0367efa2f4e4554123dc2373cf23ee3af983b6d5f

    SHA512

    c5c09d81a601f8060acf6d9eeaa9e417843bb37b81d5de6b5c70fb404a529c2b906d4bb0995d574dd5a3b4986e3cbe20882aa3e8349e31ff26bdb832692596bd

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsh71C7.tmp\System.dll
    Filesize

    12KB

    MD5

    8cf2ac271d7679b1d68eefc1ae0c5618

    SHA1

    7cc1caaa747ee16dc894a600a4256f64fa65a9b8

    SHA256

    6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba

    SHA512

    ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\nsh71C7.tmp\nsProcessW.dll
    Filesize

    4KB

    MD5

    f0438a894f3a7e01a4aae8d1b5dd0289

    SHA1

    b058e3fcfb7b550041da16bf10d8837024c38bf6

    SHA256

    30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11

    SHA512

    f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7

    Download Submit

  • memory/1868-17-0x0000000002350000-0x0000000002360000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1868-126-0x0000000002350000-0x0000000002360000-memory.dmp

    Filesize

    64KB

    Download