Analysis
-
max time kernel
45s -
max time network
49s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
23-11-2022 16:54
General
-
Target
狂风勇士的信仰修改器V1 71 无敌版/新勇士的信仰狂风修改器v1.7.1.exe
-
Size
2.2MB
-
MD5
9f8feafc9db34b3bb078a280e4d3b1b6
-
SHA1
63d075df700328d38efc6ca96dab36236c681306
-
SHA256
652c61579747b4906155077ec382a711c0e1ef11f451d761d02afa2d7e6ea37f
-
SHA512
a836629ceb962f25de3088add5f411dc1cbbda9a795e093cf952a7240b6732a5a19dc111f782e1b538c51822acf212bf749fb510052f23c395832a83c9c7afe9
-
SSDEEP
49152:bOc79tqfoEe45jmc02uTKxzke95IV7ziFCGOxO8UEs:i8qzUvTKxoeQJzICLqEs
Score
6/10
Malware Config
Signatures
-
Enumerates connected drives 3 TTPs 1 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\狂风勇士的信仰修改器V1 71 无敌版\新勇士的信仰狂风修改器v1.7.1.exe"C:\Users\Admin\AppData\Local\Temp\狂风勇士的信仰修改器V1 71 无敌版\新勇士的信仰狂风修改器v1.7.1.exe"1⤵
- Enumerates connected drives
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
6.8MB
-
Filesize
6.8MB
-
Filesize
6.8MB