Overview

overview

4

Static

static

4

读写器A....pdf

windows7-x64

1

读写器A....pdf

windows10-2004-x64

1

读写器A....pdf

windows7-x64

1

读写器A....pdf

windows10-2004-x64

1

读写器A...rp.vbs

windows7-x64

1

读写器A...rp.vbs

windows10-2004-x64

1

读写器A...rp.vbs

windows7-x64

1

读写器A...rp.vbs

windows10-2004-x64

1

读写器A...ar.vbs

windows7-x64

1

读写器A...ar.vbs

windows10-2004-x64

1

读写器A...ar.vbs

windows7-x64

1

读写器A...ar.vbs

windows10-2004-x64

1

Properties...er.vbs

windows7-x64

1

Properties...er.vbs

windows10-2004-x64

1

Properties...es.vbs

windows7-x64

1

Properties...es.vbs

windows10-2004-x64

1

bin/CSharp...mo.exe

windows7-x64

1

bin/CSharp...mo.exe

windows10-2004-x64

1

bin/CSharp...st.exe

windows7-x64

1

bin/CSharp...st.exe

windows10-2004-x64

1

bin/RFIDAPI.dll

windows7-x64

3

bin/RFIDAPI.dll

windows10-2004-x64

3

obj/Debug/...mo.exe

windows7-x64

1

obj/Debug/...mo.exe

windows10-2004-x64

1

obj/Debug/...cs.dll

windows7-x64

1

obj/Debug/...cs.dll

windows10-2004-x64

1

读写器A...em.vbs

windows7-x64

1

读写器A...em.vbs

windows10-2004-x64

1

读写器A...es.vbs

windows7-x64

1

读写器A...es.vbs

windows10-2004-x64

1

读写器A...mo.exe

windows7-x64

1

读写器A...mo.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    427s
  • max time network
    431s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    30-09-2022 14:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    obj/Debug/CSharpRFIDDemo.exe

  • Size

    40KB

  • MD5

    17cd1c79a68f961c82c3a670f87aec62

  • SHA1

    1c168e0036cd7517a74d04b9c246ab314098b69f

  • SHA256

    739bd859be45e4e29c1b3c4f00ccd0f59b58fedb98c10f4825e47b849fd6d6e9

  • SHA512

    fdd45cefc75a255ade4d3bc11a212930f02b010141d1c9bdf3a8fc954af04178f3dadbbe9d49034d750b063e86c4fba64374226cca9043bbc3d6a41bc5d9fca0

  • SSDEEP

    768:IXmzojYOO7/sGmeOxfx9gXhSPX3bMK2jkUIA:IXmzoj7efoX3bTuVIA

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\obj\Debug\CSharpRFIDDemo.exe
    "C:\Users\Admin\AppData\Local\Temp\obj\Debug\CSharpRFIDDemo.exe"
    1⤵
      PID:1744

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1744-54-0x0000000074DA1000-0x0000000074DA3000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1744-55-0x0000000074180000-0x000000007472B000-memory.dmp
      Filesize

      5.7MB

      Download
    • memory/1744-56-0x0000000000285000-0x0000000000296000-memory.dmp
      Filesize

      68KB

      Download
    • memory/1744-57-0x0000000074180000-0x000000007472B000-memory.dmp
      Filesize

      5.7MB

      Download