Overview (overview): 8
Static (static): 8
GameHardware.exe (windows7_x64): 8
GameHardware.exe (windows10-2004_x64): 8
IP地址修改器.exe (windows7_x64): 3
IP地址修改器.exe (windows10-2004_x64): 3
VMwarehardware.exe (windows7_x64): 8
VMwarehardware.exe (windows10-2004_x64): 8
hardware.exe (windows7_x64): 8
hardware.exe (windows10-2004_x64): 8
一键修....exe (windows7_x64): 7
一键修....exe (windows10-2004_x64): 7
分区序....exe (windows7_x64): 1
分区序....exe (windows10-2004_x64): 1
网卡MAC....exe (windows7_x64): 1
网卡MAC....exe (windows10-2004_x64): 1
Analysis
max time kernel: 161s
max time network: 195s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 20-05-2022 04:56
Static task: static1
Behavioral task behavioral1: sample GameHardware.exe, resource win7-20220414-en
Behavioral task behavioral2: sample GameHardware.exe, resource win10v2004-20220414-en
Behavioral task behavioral3: sample IP地址修改器.exe, resource win7-20220414-en
Behavioral task behavioral4: sample IP地址修改器.exe, resource win10v2004-20220414-en
Behavioral task behavioral5: sample VMwarehardware.exe, resource win7-20220414-en
Behavioral task behavioral6: sample VMwarehardware.exe, resource win10v2004-20220414-en
Behavioral task behavioral7: sample hardware.exe, resource win7-20220414-en
Behavioral task behavioral8: sample hardware.exe, resource win10v2004-20220414-en
Behavioral task behavioral9: sample 一键修改系统信息.exe, resource win7-20220414-en
Behavioral task behavioral10: sample 一键修改系统信息.exe, resource win10v2004-20220414-en
Behavioral task behavioral11: sample 分区序列号修改工具.exe, resource win7-20220414-en
Behavioral task behavioral12: sample 分区序列号修改工具.exe, resource win10v2004-20220414-en
Behavioral task behavioral13: sample 网卡MAC地址修改工具.exe, resource win7-20220414-en
Behavioral task behavioral14: sample 网卡MAC地址修改工具.exe, resource win10v2004-20220414-en
General
Target: 网卡MAC地址修改工具.exe
Size: 1.6MB
MD5: 7f03dab4be2e7266d2215e31fbaf6ecb
SHA1: 25a9b47938064cafcf3d69c16891fc4f0fdf64f3
SHA256: 10985ec327572de432bf0cb3e340ba76cb63479863f28b6c3219d2f42df765b1
SHA512: 257fc2ef093b56c8c72e61d98c745b76dce84be602c72e857e0cdce27d973c44e92130cd675a0e1ce34f9a605939cb4898cb6f00c4f543203e0e80188f2eea6e
Malware Config
Signatures
Suspicious use of FindShellTrayWindow (4 IoCs)
Processes:
pid 2324, process 网卡MAC地址修改工具.exe
pid 2324, process 网卡MAC地址修改工具.exe
pid 2324, process 网卡MAC地址修改工具.exe
pid 2324, process 网卡MAC地址修改工具.exe
Suspicious use of SendNotifyMessage (4 IoCs)
Processes:
pid 2324, process 网卡MAC地址修改工具.exe
pid 2324, process 网卡MAC地址修改工具.exe
pid 2324, process 网卡MAC地址修改工具.exe
pid 2324, process 网卡MAC地址修改工具.exe
Suspicious use of SetWindowsHookEx (2 IoCs)
Processes:
pid 2324, process 网卡MAC地址修改工具.exe
pid 2324, process 网卡MAC地址修改工具.exe