Malware Analysis Report

2025-08-10 23:14

Sample ID 221031-11g1xsedfm
Target 210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8
SHA256 210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8
Tags: 
Score: 4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score: 4/10

SHA256

210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8

Threat Level: Likely benign

The file 210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8 was found to be: Likely benign.

Malicious Activity Summary
Drops file in Program Files directory

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2022-10-31 22:06

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2022-10-31 22:06

Reported

2022-10-31 22:09

Platform

win7-20220812-en

Max time kernel

43s

Max time network

46s

Command Line

"C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe"

Signatures

Drops file in Program Files directory

Description: File opened for modification
Indicator: C:\Program Files\路灯监控管理系统\NewLamp.mdb
Process: C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe
Target: N/A

Suspicious use of SetWindowsHookEx

Description: N/A
Indicator: N/A
Process: C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe
Target: N/A

Processes

C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe

"C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe"

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2022-10-31 22:06

Reported

2022-10-31 22:09

Platform

win10v2004-20220901-en

Max time kernel

91s

Max time network

155s

Command Line

"C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe"

Signatures

Drops file in Program Files directory

Description: File opened for modification
Indicator: C:\Program Files\路灯监控管理系统\NewLamp.mdb
Process: C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe
Target: N/A

Suspicious use of SetWindowsHookEx

Description: N/A
Indicator: N/A
Process: C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe
Target: N/A

Processes

C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe

"C:\Users\Admin\AppData\Local\Temp\210a1d9a0ab7e262266259977307f1eee1f62dee1db88be5e212e084e8f1ede8.exe"

Network

Country  Destination        Domain  Proto
BE       8.238.110.126:80           tcp
US       13.89.179.10:443           tcp
BE       8.238.110.126:80           tcp
BE       8.238.110.126:80           tcp
BE       8.238.110.126:80           tcp
DE       8.248.99.254:80            tcp

Files

N/A