Overview

overview

10

Static

static

10

lolyhzs_ve...py.dll

windows7-x64

10

lolyhzs_ve...py.dll

windows10-2004-x64

10

lolyhzs_ve....6.exe

windows7-x64

7

lolyhzs_ve....6.exe

windows10-2004-x64

7

lolyhzs_ve...KT.dll

windows7-x64

8

lolyhzs_ve...KT.dll

windows10-2004-x64

1

lolyhzs_ve...ss.exe

windows7-x64

1

lolyhzs_ve...ss.exe

windows10-2004-x64

1

lolyhzs_ve...��.url

windows7-x64

1

lolyhzs_ve...��.url

windows10-2004-x64

Analysis

  • max time kernel
    148s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    26-11-2022 07:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lolyhzs_veryhuo.com/process.exe

  • Size

    106KB

  • MD5

    aaf2a242dfd54b1b1a920e646cb4aafd

  • SHA1

    ad104885707febb87918f957048eada5ec2895b7

  • SHA256

    bcde080176548758a06ad9152c01d054fb2689ecb4451946831d52214eedc755

  • SHA512

    06cae01f98f70b9437bfffb2ee9f072e18c3717f546d1dca24b1cef27f4afde4035bf4d9fd186a70e6ac45d75549438dcb00a5e253df487f364a42607fa07d56

  • SSDEEP

    1536:92uvj8CJ3Hrd/hr090EczdNJ05n+XTy8r+1zGlR0ztaRbRilnr3jJZEj+h1wjeJD:9e6Vh8N+TJ0QW8a1zGQZa6VTkqRVZ/Kc

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\lolyhzs_veryhuo.com\process.exe
    "C:\Users\Admin\AppData\Local\Temp\lolyhzs_veryhuo.com\process.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1788

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1788-54-0x00000000761F1000-0x00000000761F3000-memory.dmp

    Filesize

    8KB

    Download