Analysis
-
max time kernel
9s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system -
submitted
01-10-2022 13:08
Static task
static1
Behavioral task
behavioral1
Sample
点击安装(飞机)简体中文语言包_v34.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
点击安装(飞机)简体中文语言包_v34.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
英文客户基本聊天用语4d.exe
Resource
win7-20220901-en
Behavioral task
behavioral4
Sample
英文客户基本聊天用语4d.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
话术大全@88.exe
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
话术大全@88.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
资金盘切客前的裂变话术@.exe
Resource
win7-20220901-en
General
-
Target
话术大全@88.exe
-
Size
1.6MB
-
MD5
1fcb6b9c98d28336e9f904be5cad1aa6
-
SHA1
5ca27208c8ef301799298db806c627eb8fdcd198
-
SHA256
828e3e4b918f3b8fa8a25d27e5f8bdec593238664f16320cb1bc13f1c3191d11
-
SHA512
ae572425657ed0843bee7e7d75bf4be521d3999f0e37d9bc95726255e6b1c5b664cd17fd3c59d2d7163c942e43a3c2b47ae29061fe5d143d680435ee378649a4
-
SSDEEP
24576:KPQvhAxiAs+5mXS+/JnydHWuyqa9nhC58Kfn4X:KPQZyZ5mXS+/Jny1uhQG
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes: 话术大全@88.exe, 话术大全@88.exe
pid   process
5068  话术大全@88.exe
5068  话术大全@88.exe
5068  话术大全@88.exe
5068  话术大全@88.exe
Downloads
-
memory/5068-132-0x0000000180000000-0x0000000180029000-memory.dmp
Filesize: 164KB
-
memory/5068-133-0x0000000180000000-0x0000000180029000-memory.dmp
Filesize: 164KB