Overview

overview

8

Static

static

8

xjtbxgq/�...��.url

windows7-x64

1

xjtbxgq/�...��.url

windows10-2004-x64

1

xjtbxgq/�...��.exe

windows7-x64

8

xjtbxgq/�...��.exe

windows10-2004-x64

8

xjtbxgq/�...��.url

windows7-x64

1

xjtbxgq/�...��.url

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/11/2022, 03:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    xjtbxgq/文件图标修改器.exe

  • Size

    45KB

  • MD5

    a88a1b837bb49c2f668fd07fa50a7a51

  • SHA1

    616588cd8d2b989b90103b8c88a0b60f3328bc3d

  • SHA256

    ae717ad3285b6cfd222e5a9a4336f77d329f334cabc9d02560adfe1a22d72be4

  • SHA512

    ab1c2711934523c792c4067b6fb06f4d8732c801fe60188d45a81d816ba5ad810de1773d5b085656cc32264f27b3f6d0b1edaaf50f7b0e05ee6cfb745ad06dfd

  • SSDEEP

    768:oDtOSXRjNEbyyZgtC9hXrzc2rDRRlQstaZ/L/EtciSHf5MDLbrMto19:gXRjNPINrVf5QsYZD/EtKMHb4y

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\xjtbxgq\文件图标修改器.exe
    "C:\Users\Admin\AppData\Local\Temp\xjtbxgq\文件图标修改器.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4284-132-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/4284-136-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download