Analysis
max time kernel: 142s
max time network: 171s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 23-11-2022 18:59
Static task: static1
Behavioral task behavioral1: sample 巅峰辅助.exe, resource win7-20221111-en
Behavioral task behavioral2: sample 巅峰辅助.exe, resource win10v2004-20221111-en
Behavioral task behavioral3: sample 清理工具0606.exe, resource win7-20220901-en
Behavioral task behavioral4: sample 清理工具0606.exe, resource win10v2004-20220812-en
General
Target: 清理工具0606.exe
Size: 580KB
MD5: 6a464af963fbc481990804edc41abfcb
SHA1: 3c12ea0b1a2d222ea50f05f3b749e452f1c3d0dc
SHA256: a34640bf65816153d86bc86df95adde49f5f2f5fc3f2607eaa10b05883ba9006
SHA512: c3d36e9724b37d4468758c5267a99fa37e4fba646ded927aced31e89b93e90ee571608dca7d7f0ba027ab3a0e0207844cea9e553a981c2de976db17ffd19f04b
SSDEEP: 6144:sgZLsV15hKD7ToTXQlTC+veiWGwc/tKMIcWzrUZdbtlvpZZEDTVbj5vY:sqLo5SETXQluKDEVgKIZdLvpaU
Malware Config
Signatures
Suspicious behavior: EnumeratesProcesses (24 IoCs)
Processes: pid 928, process 清理工具0606.exe (the same entry is listed for each of the 24 IoCs)
Suspicious use of SetWindowsHookEx (2 IoCs)
Processes: pid 928, process 清理工具0606.exe (the same entry is listed for both IoCs)