Overview
overview
8Static
static
81433_hack4...st.exe
windows7-x64
81433_hack4...st.exe
windows10-2004-x64
11433_hack4...��.exe
windows7-x64
81433_hack4...��.exe
windows10-2004-x64
81433_hack4...er.exe
windows7-x64
1433_hack4...er.exe
windows10-2004-x64
1433_hack4...me.swf
windows7-x64
31433_hack4...me.swf
windows10-2004-x64
31433_hack4...in.url
windows7-x64
61433_hack4...in.url
windows10-2004-x64
1433_hack4...��.url
windows7-x64
11433_hack4...��.url
windows10-2004-x64
11433_hack4...��.url
windows7-x64
11433_hack4...��.url
windows10-2004-x64
11433_hack4...13.exe
windows7-x64
11433_hack4...13.exe
windows10-2004-x64
11433_hack4...14.exe
windows7-x64
11433_hack4...14.exe
windows10-2004-x64
11433_hack4...��.exe
windows7-x64
81433_hack4...��.exe
windows10-2004-x64
81433_hack4....5.exe
windows7-x64
81433_hack4....5.exe
windows10-2004-x64
81433_hack4...nH.dll
windows7-x64
81433_hack4...nH.dll
windows10-2004-x64
1433_hack4...��.exe
windows7-x64
11433_hack4...��.exe
windows10-2004-x64
11433_hack4...fs.exe
windows7-x64
61433_hack4...fs.exe
windows10-2004-x64
1433_hack4...ex.hta
windows7-x64
11433_hack4...ex.hta
windows10-2004-x64
11433_hack4...SD.exe
windows7-x64
31433_hack4...SD.exe
windows10-2004-x64
3Analysis
-
max time kernel
473s -
max time network
425s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system -
submitted
26-11-2022 18:02
Behavioral task
behavioral1
Sample
1433_hack44.cn/12-18/Gh0st.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1433_hack44.cn/12-18/Gh0st.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral3
Sample
1433_hack44.cn/12-18/MD5修改器.exe
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
1433_hack44.cn/12-18/MD5修改器.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral5
Sample
1433_hack44.cn/12-18/update/Server.exe
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
1433_hack44.cn/12-18/update/Server.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral7
Sample
1433_hack44.cn/12-18/update/look me.swf
Resource
win7-20220812-en
Behavioral task
behavioral8
Sample
1433_hack44.cn/12-18/update/look me.swf
Resource
win10v2004-20221111-en
Behavioral task
behavioral9
Sample
1433_hack44.cn/12-18/update/skin.url
Resource
win7-20220901-en
Behavioral task
behavioral10
Sample
1433_hack44.cn/12-18/update/skin.url
Resource
win10v2004-20221111-en
Behavioral task
behavioral11
Sample
1433_hack44.cn/12-18/update/使用方法.url
Resource
win7-20221111-en
Behavioral task
behavioral12
Sample
1433_hack44.cn/12-18/update/使用方法.url
Resource
win10v2004-20220812-en
Behavioral task
behavioral13
Sample
1433_hack44.cn/12-18/update/华中帝国收集整理.url
Resource
win7-20221111-en
Behavioral task
behavioral14
Sample
1433_hack44.cn/12-18/update/华中帝国收集整理.url
Resource
win10v2004-20221111-en
Behavioral task
behavioral15
Sample
1433_hack44.cn/FTP2013.exe
Resource
win7-20220812-en
Behavioral task
behavioral16
Sample
1433_hack44.cn/FTP2013.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral17
Sample
1433_hack44.cn/NB12-18/2014.exe
Resource
win7-20220812-en
Behavioral task
behavioral18
Sample
1433_hack44.cn/NB12-18/2014.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral19
Sample
1433_hack44.cn/NB12-18/MD5修改器.exe
Resource
win7-20220812-en
Behavioral task
behavioral20
Sample
1433_hack44.cn/NB12-18/MD5修改器.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral21
Sample
1433_hack44.cn/NB12-18/NetBot5.5.exe
Resource
win7-20221111-en
Behavioral task
behavioral22
Sample
1433_hack44.cn/NB12-18/NetBot5.5.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral23
Sample
1433_hack44.cn/NB12-18/SkinH.dll
Resource
win7-20221111-en
Behavioral task
behavioral24
Sample
1433_hack44.cn/NB12-18/SkinH.dll
Resource
win10v2004-20221111-en
Behavioral task
behavioral25
Sample
1433_hack44.cn/NB12-18/免杀审核.exe
Resource
win7-20221111-en
Behavioral task
behavioral26
Sample
1433_hack44.cn/NB12-18/免杀审核.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral27
Sample
1433_hack44.cn/hfs2_3b285/hfs.exe
Resource
win7-20220812-en
Behavioral task
behavioral28
Sample
1433_hack44.cn/hfs2_3b285/hfs.exe
Resource
win10v2004-20221111-en
Behavioral task
behavioral29
Sample
1433_hack44.cn/乌龙寺1433/FTPHEX/Hex.hta
Resource
win7-20221111-en
Behavioral task
behavioral30
Sample
1433_hack44.cn/乌龙寺1433/FTPHEX/Hex.hta
Resource
win10v2004-20220812-en
Behavioral task
behavioral31
Sample
1433_hack44.cn/乌龙寺1433/FTPHEX/KSD.exe
Resource
win7-20220901-en
Behavioral task
behavioral32
Sample
1433_hack44.cn/乌龙寺1433/FTPHEX/KSD.exe
Resource
win10v2004-20220812-en
General
-
Target
1433_hack44.cn/NB12-18/免杀审核.exe
-
Size
55.6MB
-
MD5
96780cd3d5fd3ad5d8412a1106f544d6
-
SHA1
12fa95f4c4cc748ecbec576d42a8fc8454ea05e0
-
SHA256
623f204bd680f64a327303e2073a0acd06930f05844c626157a8c80efa1626b2
-
SHA512
1d497a3e033dc971355e397cf777459b1d6314ed635b35d3a3d13d1eb2b9141d8c61638a9558b7d755d07037ff7bfa3f3845fb2215a61eb85b340825eedce61f
-
SSDEEP
196608:0WfVt+KiLIj0EyVEU+p20svplcl+cxomxFs25pZMMd7P/Keh7RA:iEFpKGrrp/KeTA
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
免杀审核.exepid process 1532 免杀审核.exe