Overview

overview

5

Static

static

灵域DLL�....1.exe

windows7-x64

5

灵域DLL�....1.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    204s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 15:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    灵域DLL函数查看器2.1.exe

  • Size

    1.6MB

  • MD5

    d725e61af5a2f4970c9719639433d724

  • SHA1

    03cabb47fdf087cea32cd71c3f01897ed020d816

  • SHA256

    f7e10c861d39a119c320031fb05b073fbb453394164e5ce6da0fb3735bf052dd

  • SHA512

    a8188db27150531154d324e3b5c19f72d05bd45beb9cb169825a5fc1abee3136bfc149072f29c6566594db2e8313ebed448f8995020f6d32dbe30de7f72dfd24

  • SSDEEP

    24576:0oNtDHP3owgLIaIEt8GRDBbFzgfoM3q4at2au5AvprYaTmo2jb6RZfsLypvIH3R:0ADHLgLPt8eTV4QooZfWovIH3R

Score
5/10

Malware Config

Signatures

  • Suspicious use of NtSetInformationThreadHideFromDebugger 25 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\灵域DLL函数查看器2.1.exe
    "C:\Users\Admin\AppData\Local\Temp\灵域DLL函数查看器2.1.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of SetWindowsHookEx
    PID:1668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1668-54-0x0000000075631000-0x0000000075633000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1668-55-0x0000000000400000-0x0000000000625000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1668-57-0x00000000763B0000-0x00000000763F7000-memory.dmp

    Filesize

    284KB

    Download

  • memory/1668-463-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-465-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-464-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-466-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-467-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-468-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-469-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-470-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-471-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-472-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-473-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-474-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-475-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-476-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-477-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-478-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-479-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-480-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-481-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-482-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-483-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-484-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-485-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-486-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-487-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-488-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-489-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-490-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-491-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-492-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-494-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-493-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-495-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-496-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-497-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-498-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-500-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-499-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-501-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-502-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-503-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-504-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-505-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-506-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-507-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-508-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-509-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-510-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-512-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-511-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-513-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-514-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-515-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-516-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-517-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-518-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-519-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-520-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-521-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-522-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-524-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-523-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-1332-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-1333-0x0000000002040000-0x00000000021C1000-memory.dmp

    Filesize

    1.5MB

    Download

  • memory/1668-3178-0x0000000002430000-0x0000000002541000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/1668-3922-0x00000000007B0000-0x00000000008B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1668-4151-0x0000000002431000-0x0000000002433000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1668-5084-0x0000000000400000-0x0000000000625000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1668-5085-0x0000000002230000-0x0000000002331000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1668-5086-0x00000000007B0000-0x00000000008B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1668-5087-0x0000000002431000-0x0000000002433000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1668-5088-0x0000000000400000-0x0000000000625000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/1668-5089-0x0000000000400000-0x0000000000625000-memory.dmp

    Filesize

    2.1MB

    Download