Overview

overview

3

Static

static

3

BlsCrn.exe

windows11-21h2-x64

1

Resubmissions

31/03/2025, 05:32

250331-f8mk6atxfv 3

29/03/2025, 20:24

250329-y659lasxbx 10

29/03/2025, 20:22

250329-y5ncdsstd1 3

Analysis

  • max time kernel
    101s
  • max time network
    104s
  • platform
    windows11-21h2_x64
  • resource
    win11-20250313-en
  • resource tags

    arch:x64arch:x86image:win11-20250313-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    29/03/2025, 20:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    BlsCrn.exe

  • Size

    68KB

  • MD5

    8d126e89c071719bc4b36f4551024ab5

  • SHA1

    e0b3bb8de47da697f029242fe45f0f861c2f4867

  • SHA256

    c75462e36e1a9b989cf0a0330219667d463daa7e51666ac069046969cacaaa1f

  • SHA512

    e8637e1eae28ebdfdedd2cc0027a431cae601df154f8dbd0035db5c262402038c6d592b61662dbd537c42b54a56a14812f5046f5090c2c645fd6c18d889ffe49

  • SSDEEP

    384:2mvY5+dSd+cagoEb/S7sGEHeTS+yTifPQC4ItobbxW+e0ewd0SyrQfBkJ5hZf6CZ:2F5urgNOyWYCGwSVB2hZPA69km

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\BlsCrn.exe
    "C:\Users\Admin\AppData\Local\Temp\BlsCrn.exe"
    1⤵
      PID:2628
    • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
      "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
      1⤵
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:1944
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:3388

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
        Filesize

        23KB

        MD5

        1dbfc15d60c8a84a92c503d69f002e6f

        SHA1

        90aa4deaa542004a72c27fc0977ed8de710fad00

        SHA256

        79393d824289ec314ca41edd8a34b91c8e895b7bc81c547453cd725f708c4db7

        SHA512

        5db121a85ab6c0ba3c3383c85cbccc5070e62c97a061fa644da75b64f1c298681ba61fc721df200365ec46024d51624230ff47aba758ca58208fdd6173d26231

        Download Submit

      • memory/2628-0-0x00007FF68E760000-0x00007FF68E788000-memory.dmp

        Filesize

        160KB

        Download