Overview

overview

1

Static

static

hosts文�...��.exe

windows7-x64

1

hosts文�...��.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    187s
  • max time network
    196s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-11-2022 19:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hosts文件修复工具.exe

  • Size

    579KB

  • MD5

    53d3172165a80a4125a376c6324111f7

  • SHA1

    8448e0579b97ba209ceade60c207348c25f8272e

  • SHA256

    93f799648b68a50aaa655c8f41ec39325185804af84cec53787c0a2024a4a7ec

  • SHA512

    85918c6e3385b39981aa30aa125068e05a8a31889a77a51860be3b0b33b0454f26f274c15e669de60a4c4cdc7090a7ad9f54d5a24d9e1607c78677ca6e97358d

  • SSDEEP

    6144:pOnAezlbaR7sE1oiX7MrFjcPMnPLEuA60jmIEOgiamZAYvQEUYQEopti4:AxGRtonrZcPGrYmbDevHQ+4

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\hosts文件修复工具.exe
    "C:\Users\Admin\AppData\Local\Temp\hosts文件修复工具.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3544-132-0x0000000000400000-0x00000000004B1000-memory.dmp

    Filesize

    708KB

    Download

  • memory/3544-133-0x0000000000400000-0x00000000004B1000-memory.dmp

    Filesize

    708KB

    Download