Overview

overview

10

Static

static

3

Engine.js

windows7-x64

3

Engine.js

windows10-2004-x64

3

Setup.exe

windows7-x64

10

Setup.exe

windows10-2004-x64

10

bin/UbuilderB.exe

windows7-x64

1

bin/UbuilderB.exe

windows10-2004-x64

7

bin/scv.jar

windows7-x64

1

bin/scv.jar

windows10-2004-x64

1

cutline.ppt

windows7-x64

1

cutline.ppt

windows10-2004-x64

1

d3dx9_43.dll

windows7-x64

1

d3dx9_43.dll

windows10-2004-x64

1

packages/D...1].exe

windows7-x64

1

packages/D...1].exe

windows10-2004-x64

1

xNet.dll

windows7-x64

1

xNet.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    135s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-07-2024 01:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cutline.ppt

  • Size

    835KB

  • MD5

    5dd713fe5df9331f0641fa850abd5d61

  • SHA1

    f66c08e26599d860cf645e8b8a828ef1660e3b1e

  • SHA256

    dbdf13e4851001e8cde22e81bd498b97a684038ea4e67851f2888aff9ada6ced

  • SHA512

    b835e99c3b4c25602af3d02796f66eb5cf8d32c165d274bfe8c667bc4113a10a8813af4f44adaa66f0ba11fb810530f978c88d8e58e4132ec7969a02c9a61064

  • SSDEEP

    24576:vKf/UKv/Z+fuolHM6VHBFXFKVJfiJC8iXhlrXAE5R:v6cKX0ukhHzQVJY8rjA+R

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\POWERPNT.EXE" "C:\Users\Admin\AppData\Local\Temp\cutline.ppt" /ou ""
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2028
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4396,i,7012731823941922179,12386606396608877869,262144 --variations-seed-version --mojo-platform-channel-handle=3756 /prefetch:8
    1⤵
      PID:2488

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2028-7-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-9-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-13-0x00007FF96C450000-0x00007FF96C460000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-14-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-17-0x00007FF96C450000-0x00007FF96C460000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-18-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-19-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-23-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-22-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-21-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-20-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-16-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-15-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-12-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-11-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-10-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-8-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-6-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-5-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-4-0x00007FF9AEDCD000-0x00007FF9AEDCE000-memory.dmp
      Filesize

      4KB

      Download
    • memory/2028-3-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-2-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-1-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-0-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-46-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-47-0x00007FF9AED30000-0x00007FF9AEF25000-memory.dmp
      Filesize

      2.0MB

      Download
    • memory/2028-45-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-44-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download
    • memory/2028-43-0x00007FF96EDB0000-0x00007FF96EDC0000-memory.dmp
      Filesize

      64KB

      Download