Overview

overview

8

Static

static

8

rxbaoV3.29...ew.dll

windows7-x64

1

rxbaoV3.29...ew.dll

windows10-2004-x64

1

rxbaoV3.29...me.dll

windows7-x64

1

rxbaoV3.29...me.dll

windows10-2004-x64

1

rxbaoV3.29_Y/NPC.dll

windows7-x64

1

rxbaoV3.29_Y/NPC.dll

windows10-2004-x64

1

rxbaoV3.29...er.exe

windows7-x64

1

rxbaoV3.29...er.exe

windows10-2004-x64

1

rxbaoV3.29_Y/bb.dll

windows7-x64

3

rxbaoV3.29_Y/bb.dll

windows10-2004-x64

3

rxbaoV3.29_Y/iext.dll

windows7-x64

1

rxbaoV3.29_Y/iext.dll

windows10-2004-x64

1

rxbaoV3.29...ms.dll

windows7-x64

1

rxbaoV3.29...ms.dll

windows10-2004-x64

1

rxbaoV3.29..._Y.exe

windows7-x64

8

rxbaoV3.29..._Y.exe

windows10-2004-x64

8

rxbaoV3.29_Y/rxbb.dll

windows7-x64

1

rxbaoV3.29_Y/rxbb.dll

windows10-2004-x64

rxbaoV3.29...bb.dll

windows7-x64

1

rxbaoV3.29...bb.dll

windows10-2004-x64

1

rxbaoV3.29_Y/temp.exe

windows7-x64

1

rxbaoV3.29_Y/temp.exe

windows10-2004-x64

1

rxbaoV3.29...ib.dll

windows7-x64

1

rxbaoV3.29...ib.dll

windows10-2004-x64

1

rxbaoV3.29...pi.dll

windows7-x64

3

rxbaoV3.29...pi.dll

windows10-2004-x64

3

rxbaoV3.29...��.exe

windows7-x64

1

rxbaoV3.29...��.exe

windows10-2004-x64

1

rxbaoV3.29...��.exe

windows7-x64

1

rxbaoV3.29...��.exe

windows10-2004-x64

1

第七下载.url

windows7-x64

1

第七下载.url

windows10-2004-x64

1

Analysis

  • max time kernel
    41s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    24-11-2022 22:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    rxbaoV3.29_Y/temp.exe

  • Size

    2.2MB

  • MD5

    261c350ca108c12585da53aab0ed09b7

  • SHA1

    075f4aa4dba81ffd11391c2d24c755489a94c74f

  • SHA256

    386c8faffb387ba6df18bfc99a87b0e367ea7986ba043009791fbd80564b3588

  • SHA512

    110db4d0ba20b2383c9f07b5f1ac300b8081b4fff52d787ffad98143e116d5ac466b20ae8a49485b21cbe918d235e72a20107950e79e4d4d367881d72f6becfa

  • SSDEEP

    24576:Dxp3xbAIrtNEQ5PU1POX5HDSckx6JqnNR0PfX5HDSckx6sBiRGzPms:1p3BAMPdtEx8qnNRytExhBiRGbms

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\rxbaoV3.29_Y\temp.exe
    "C:\Users\Admin\AppData\Local\Temp\rxbaoV3.29_Y\temp.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2036

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2036-54-0x0000000075521000-0x0000000075523000-memory.dmp
    Filesize

    8KB

    Download