Analysis

  • max time kernel
    45s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    22-10-2022 08:27

General

  • Target

    绿石操盘手/update.exe

  • Size

    28KB

  • MD5

    59f432a1f904c6fc573dbdf574799d74

  • SHA1

    3d7fe85b4528b7b232daa36e0db9750f88389c07

  • SHA256

    f8c4134e0fbe3e8b67f30759e4632b1921c3351f330393e627660861e99e7510

  • SHA512

    3ddab8fffac36a30ccae247a9d23382da904e60b3ab9e6353d8466e1cd2598da1be62f3998f1e22825eaec5dfbe2a13b7bc0bd045d7398b46a72a6276e049f84

  • SSDEEP

    192:kW8U9OD9fz5az1HxUVtm62tYtnntftmt61oynIyw4pev64XzK+S5Kt7DUcdv5KKj:bIF5U1H+fVJv661eywXlzKU1AYnnpW

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\绿石操盘手\update.exe
    "C:\Users\Admin\AppData\Local\Temp\绿石操盘手\update.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1368

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1368-54-0x0000000074E41000-0x0000000074E43000-memory.dmp

    Filesize

    8KB