Analysis

  • max time kernel
    1795s
  • max time network
    1799s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    29-09-2024 15:20

General

  • Target

    https://www.x-plane.com/desktop/try-it/older/

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry (2 TTPs, 60 IoCs)

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.x-plane.com/desktop/try-it/older/
      PID:2232
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4740,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=4392 /prefetch:1
        PID:1220
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=4820,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=3892 /prefetch:1
          PID:1180
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5448,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=5464 /prefetch:8
            PID:1320
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5472,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=5520 /prefetch:8
              PID:3796
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5900,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=5928 /prefetch:8
                PID:4680
              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --field-trial-handle=6256,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=6276 /prefetch:8
                  PID:5028
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --video-capture-use-gpu-memory-buffer --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --field-trial-handle=6252,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=6340 /prefetch:1
                    PID:2292
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --lang=en-US --service-sandbox-type=service --field-trial-handle=6080,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=6764 /prefetch:8
                      PID:2580
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=6968,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=6984 /prefetch:8
                        PID:1692
                      • C:\Windows\System32\rundll32.exe
                        C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
                          PID:4532
                        • C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe
                          "C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe"
                          • Checks processor information in registry
                          PID:1568
                        • C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe
                          "C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe"
                          • Checks processor information in registry
                          PID:1148
                        • C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe
                          "C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe"
                          • Checks processor information in registry
                          PID:2340
                        • C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe
                          "C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe"
                          • Checks processor information in registry
                          PID:3784
                        • C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe
                          "C:\Users\Admin\AppData\Local\Temp\Temp1_X-Plane11InstallerWindows.zip\X-Plane 11 Installer.exe"
                          • Checks processor information in registry
                          PID:804
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-US --service-sandbox-type=search_indexer --message-loop-type-ui --field-trial-handle=6900,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=6948 /prefetch:8
                            PID:1064
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=6852,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=5648 /prefetch:8
                              PID:3304
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5636,i,16316361669272684588,6171287487746154806,262144 --variations-seed-version --mojo-platform-channel-handle=5028 /prefetch:8
                                PID:3688

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\Desktop\X-Plane Installer Log.txt
    Filesize: 821B
    MD5: 870a08915efc0dead96d078760b406af
    SHA1: 200de3047263c22cbfab244e4ed91686dc009792
    SHA256: dcda8686e4cc1ec0ec6cd535100ab75fd6fa0b16e1209ff8e9f34d8facf14b8d
    SHA512: 82cad331a0e40ed21d8bec0f16b93a8b3a21d6792d2115f7e522786dd89a7ddf4a88b28fc033cc6597fb34b0806811c3d709067499a68fe2bb42ebeabe8abf2b

  • C:\Users\Admin\Desktop\X-Plane Installer Log.txt
    Filesize: 821B
    MD5: 38f1c483b6b0dc742dfc4de752b9a06a
    SHA1: bb30fea7239fb15ec9fc965d7db7bd5bf9bdf3df
    SHA256: d0134b64416d3ce172f09d3213b9fb9384abb98b3f070949542d40138c6c3e68
    SHA512: 200784bd9264260419da70cf854ec0f3de8809e906fd7373e66dd4bca65478a9ca7b0a93c047c9b893e110864e61644c3aae80e802bca6e322a96d245a1c8e53

  • C:\Users\Admin\Desktop\X-Plane Installer Log.txt
    Filesize: 821B
    MD5: d9f750294afcf7e0c64cad31e978f9d5
    SHA1: 356bff038e95418935be59b9b1a1840b03832b02
    SHA256: 7e8e6c6d8b559e367b640892233893d54a377c1eaccf7c9384b85135743f48f8
    SHA512: 46d23e4b729562709714880aa42f5cd24966ba98dd08d4dff4d96c5308a95ea3cc8512f80d477b0ee6df433f6130ed8bcef95a0dbd3a681b8a7868a84f5af5c5