Analysis

  • max time kernel
    45s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    26-11-2022 04:03

General

  • Target

    皇者千年.exe

  • Size

    5.4MB

  • MD5

    42c87f1a83d76077c74d41305aa46e97

  • SHA1

    d05ccaf570ca0987ad6d5955b633934215deff15

  • SHA256

    2c57a28ca1eb2546a23d184969e4bf0183053c3189fcb4fcc6b8f500994059da

  • SHA512

    622fc8da275bdaeb9839077e1e53b859aaeaf25df024b26a424850915b4a1f4bf89c808196a46e964804353ef28e30d58c987d0e0931192ed21127232b5413f2

  • SSDEEP

    98304:NlfsEH0bhPKZrwrAqZBARQOSmhUR+YUSm7dFh7EtY842cox06bv81YwPDyMe4Ow8:ns1VS0ZB/RqSmTh7E2zBoVjoe4Ow3w5L

Score
8/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\皇者千年.exe
    "C:\Users\Admin\AppData\Local\Temp\皇者千年.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1444

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1444-54-0x0000000075D71000-0x0000000075D73000-memory.dmp
    Filesize

    8KB

  • memory/1444-55-0x0000000000400000-0x00000000009C8000-memory.dmp
    Filesize

    5.8MB

  • memory/1444-56-0x0000000000400000-0x00000000009C8000-memory.dmp
    Filesize

    5.8MB