929adcf731e730ee1251eeef8513fd774b1357c1c3e1da4d287722ed778434f9

Submit
Reports

Overview

overview

Static

static

03ff897da4...b3.exe

windows7_x64

03ff897da4...b3.exe

windows10_x64

10493d98a6...41.exe

windows7_x64

10493d98a6...41.exe

windows10_x64

11747d3247...67.exe

windows7_x64

11747d3247...67.exe

windows10_x64

San11 Tc/D...eg.htm

windows7_x64

San11 Tc/D...eg.htm

windows10_x64

San11 Tc/DrvMgt.dll

windows7_x64

San11 Tc/DrvMgt.dll

windows10_x64

San11 Tc/L...es.exe

windows7_x64

San11 Tc/L...es.exe

windows10_x64

San11 Tc/S...er.exe

windows7_x64

San11 Tc/S...er.exe

windows10_x64

San11 Tc/S...er.exe

windows7_x64

San11 Tc/S...er.exe

windows10_x64

San11 Tc/S...YS.exe

windows7_x64

San11 Tc/S...YS.exe

windows10_x64

San11 Tc/San11.exe

windows7_x64

San11 Tc/San11.exe

windows10_x64

San11 Tc/san11pk.exe

windows7_x64

San11 Tc/san11pk.exe

windows10_x64

San11 Tc/�...��.exe

windows7_x64

San11 Tc/�...��.exe

windows10_x64

23c9e16cc6...7b.exe

windows7_x64

23c9e16cc6...7b.exe

windows10_x64

36a18ae31f...d0.exe

windows7_x64

36a18ae31f...d0.exe

windows10_x64

4109a062b3...d4.exe

windows7_x64

4109a062b3...d4.exe

windows10_x64

CW3.exe

windows7_x64

CW3.exe

windows10_x64

Analysis

max time kernel
61s
max time network
38s
platform
windows7_x64
resource
win7-en-20210920
submitted
20-10-2021 15:32

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

Behavioral task

behavioral1

Sample

03ff897da4bfb8bc549fdb1ebf7ee940bcb9b57fed7d26d83c45d1e9ec1f40b3.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

03ff897da4bfb8bc549fdb1ebf7ee940bcb9b57fed7d26d83c45d1e9ec1f40b3.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

10493d98a6e78b7bbc60a9aae5ce5fa1a67cdace2a6be41740c92e21dcdb5f41.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

10493d98a6e78b7bbc60a9aae5ce5fa1a67cdace2a6be41740c92e21dcdb5f41.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

11747d3247254b7db3fb7d6b8c0b47d21546b208b1573a73ae20f46ca4131e67.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

11747d3247254b7db3fb7d6b8c0b47d21546b208b1573a73ae20f46ca4131e67.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

San11 Tc/Doc/Reg/san11_reg.htm

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

San11 Tc/Doc/Reg/san11_reg.htm

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

San11 Tc/DrvMgt.dll

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

San11 Tc/DrvMgt.dll

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

San11 Tc/LinkSan11Res.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

San11 Tc/LinkSan11Res.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

San11 Tc/S11Launcher.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

San11 Tc/S11Launcher.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

San11 Tc/S11PKLauncher.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

San11 Tc/S11PKLauncher.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

San11 Tc/SECDRV.SYS.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

San11 Tc/SECDRV.SYS.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

San11 Tc/San11.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

San11 Tc/San11.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

San11 Tc/san11pk.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

San11 Tc/san11pk.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

San11 Tc/开始游戏.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

San11 Tc/开始游戏.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

23c9e16cc6549ca05d349e7d04805309171cfe8a8426cdb7376f2a41b757a67b.exe

Resource

win10-en-20211014

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

36a18ae31faa401de370fc7c808bd43f5f7af14c9f6f71cbd2aa9f8cca6555d0.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

36a18ae31faa401de370fc7c808bd43f5f7af14c9f6f71cbd2aa9f8cca6555d0.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

4109a062b38d66ee7222cd984120e056acd0f5dad490c623f411c8abb18796d4.exe

Resource

win7-en-20211014

discovery persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

4109a062b38d66ee7222cd984120e056acd0f5dad490c623f411c8abb18796d4.exe

Resource

win10-en-20210920

discovery persistence upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

CW3.exe

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

CW3.exe

Resource

win10-en-20210920

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

San11 Tc/S11Launcher.exe
Size

1.1MB
MD5

5e2be78e285732363a9dd483e5524d03
SHA1

f1d3580da8a87938cc5fe10d7e78e6d42e6d5bd1
SHA256

478bdfdd028b091ceee9fb54d9bf0805567cd87e1d6e2880046fda5d8fdc903b
SHA512

9e5b0e3c366aec158f3492fc9e83185c0d17a8254985606811d3a78d6049dcb4df0ffb77da6b5ee481b3ea00d1d91d81b937019a07b1b214192157b1fb787842

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

S11Launcher.exe

pid process

1976 S11Launcher.exe
1976 S11Launcher.exe

pid	process
1976	S11Launcher.exe
1976	S11Launcher.exe

Processes

C:\Users\Admin\AppData\Local\Temp\San11 Tc\S11Launcher.exe
"C:\Users\Admin\AppData\Local\Temp\San11 Tc\S11Launcher.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1976-54-0x0000000076581000-0x0000000076583000-memory.dmp

Filesize
8KB

Download