Overview

overview

8

Static

static

0909iocp�...ar.bat

windows7-x64

1

0909iocp�...ar.bat

windows10-2004-x64

1

0909iocp�...dow.js

windows7-x64

1

0909iocp�...dow.js

windows10-2004-x64

1

0909iocp�...dow.js

windows7-x64

1

0909iocp�...dow.js

windows10-2004-x64

1

minilzo-2.02.vbs

windows7-x64

1

minilzo-2.02.vbs

windows10-2004-x64

1

0909iocp�...Lib.js

windows7-x64

1

0909iocp�...Lib.js

windows10-2004-x64

1

0909iocp�...ay.exe

windows7-x64

1

0909iocp�...ay.exe

windows10-2004-x64

1

0909iocp�...s8.exe

windows7-x64

8

0909iocp�...s8.exe

windows10-2004-x64

8

0909iocp�...ock.js

windows7-x64

1

0909iocp�...ock.js

windows10-2004-x64

1

0909iocp�...ck2.js

windows7-x64

1

0909iocp�...ck2.js

windows10-2004-x64

1

0909iocp�...vfw.js

windows7-x64

1

0909iocp�...vfw.js

windows10-2004-x64

1

加键盘�...ll.dll

windows7-x64

5

加键盘�...ll.dll

windows10-2004-x64

5

加键盘�...es.bat

windows7-x64

1

加键盘�...es.bat

windows10-2004-x64

1

加键盘�...ar.bat

windows7-x64

1

加键盘�...ar.bat

windows10-2004-x64

1

加键盘�...rv.exe

windows7-x64

3

加键盘�...rv.exe

windows10-2004-x64

3

加键盘�...ys.bat

windows7-x64

1

加键盘�...ys.bat

windows10-2004-x64

1

加键盘�...nit.js

windows7-x64

1

加键盘�...nit.js

windows10-2004-x64

1

Analysis

  • max time kernel
    181s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    27-11-2022 16:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    加键盘记录dll/加键盘记录dll/serv.exe

  • Size

    120KB

  • MD5

    d8ab911891087a6aa6e19485b76a7b07

  • SHA1

    a85cf27ef7ddd0f92eebb0dcfcab53895c91167f

  • SHA256

    dc9c651b164bf86b46f904d11da313617bd4b1b307d271990d61f46b468172e5

  • SHA512

    b59a0dd0d573216e486eaac4bb14bc9108ec98d9d2264832ad2b38fe707cbb56f5028ee634497de735e789147f7998c45e1b968d71b23d11c653a077141af33b

  • SSDEEP

    1536:JSyTA5k7IoqOMT9Fub8yyAn0X5UxTvxoJaS5PT6up5X:JS6AKcbT9FuADAzTva6up5X

Score
3/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\加键盘记录dll\加键盘记录dll\serv.exe
    "C:\Users\Admin\AppData\Local\Temp\加键盘记录dll\加键盘记录dll\serv.exe"
    1⤵
      PID:1664

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1664-54-0x0000000075591000-0x0000000075593000-memory.dmp

      Filesize

      8KB

      Download