82b8d175292a3441624af910e61ef4c6abadbea2efe824e7883b145acdf18974

Submit
Reports

Overview

overview

Static

static

infected20...1).chm

windows7-x64

infected20...1).chm

windows10-2004-x64

infected20...df.exe

windows7-x64

infected20...df.exe

windows10-2004-x64

infected20...�1.exe

windows7-x64

infected20...�1.exe

windows10-2004-x64

infected20...ls.exe

windows7-x64

infected20...ls.exe

windows10-2004-x64

infected20...fo.exe

windows7-x64

infected20...fo.exe

windows10-2004-x64

infected20...od.exe

windows7-x64

infected20...od.exe

windows10-2004-x64

infected20...25.exe

windows7-x64

infected20...25.exe

windows10-2004-x64

infected20...��.exe

windows7-x64

infected20...��.exe

windows10-2004-x64

infected20...nd.exe

windows7-x64

infected20...nd.exe

windows10-2004-x64

infected20...eg.exe

windows7-x64

infected20...eg.exe

windows10-2004-x64

infected20...#r.exe

windows7-x64

infected20...#r.exe

windows10-2004-x64

Analysis

max time kernel
150s
max time network
156s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
25-04-2023 15:30

Sharing

Copy URL

Twitter E-mail

Static task

static1

pyinstaller upx

3 signatures

Behavioral task

behavioral1

Sample

infected2023042501/Downloads/-252871022_150(1).chm

Resource

win7-20230220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

infected2023042501/Downloads/-252871022_150(1).chm

Resource

win10v2004-20230220-en

persistence

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral3

Sample

infected2023042501/Downloads/2021-2022年度民航青年文明号拟命名集体名单.pdf.exe

Resource

win7-20230220-en

upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral4

Sample

infected2023042501/Downloads/2021-2022年度民航青年文明号拟命名集体名单.pdf.exe

Resource

win10v2004-20230220-en

upx

windows10-2004-x64

12 signatures

150 seconds

Behavioral task

behavioral5

Sample

infected2023042501/Downloads/2023企业个人最新版所得税缴纳标准1.exe

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral6

Sample

infected2023042501/Downloads/2023企业个人最新版所得税缴纳标准1.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

infected2023042501/Downloads/Quotation_copy_xls.exe

Resource

win7-20230220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral8

Sample

infected2023042501/Downloads/Quotation_copy_xls.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

14 signatures

150 seconds

Behavioral task

behavioral9

Sample

infected2023042501/Downloads/getsysteminfo.exe

Resource

win7-20230220-en

upx

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

infected2023042501/Downloads/getsysteminfo.exe

Resource

win10v2004-20230220-en

upx

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

infected2023042501/Downloads/中航信移动科技有限公司〔2023〕7号.‮xcod.exe

Resource

win7-20230220-en

upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral12

Sample

infected2023042501/Downloads/中航信移动科技有限公司〔2023〕7号.‮xcod.exe

Resource

win10v2004-20230221-en

upx

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral13

Sample

infected2023042501/Downloads/公积金信息_20230425.exe

Resource

win7-20230220-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

infected2023042501/Downloads/公积金信息_20230425.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

infected2023042501/Downloads/工号：YC01198-工作邮箱：[email protected]使用工位网口异常反馈.exe

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

infected2023042501/Downloads/工号：YC01198-工作邮箱：[email protected]使用工位网口异常反馈.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

infected2023042501/Downloads/永赢基金管理有限公司客户相关的投诉信件内容_maxwealthfund.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

infected2023042501/Downloads/永赢基金管理有限公司客户相关的投诉信件内容_maxwealthfund.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

infected2023042501/Downloads/深圳智园总部饭堂吃出小蟑螂食品安全事件图片证据jpeg.exe

Resource

win7-20230220-en

cobaltstrike backdoor trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral20

Sample

infected2023042501/Downloads/深圳智园总部饭堂吃出小蟑螂食品安全事件图片证据jpeg.exe

Resource

win10v2004-20230220-en

cobaltstrike backdoor trojan

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral21

Sample

infected2023042501/Downloads/资金账户对账单导出#r.exe

Resource

win7-20230220-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral22

Sample

infected2023042501/Downloads/资金账户对账单导出#r.exe

Resource

win10v2004-20230221-en

windows10-2004-x64

8 signatures

150 seconds

Report Analysis Logs

General

Target

infected2023042501/Downloads/2023企业个人最新版所得税缴纳标准1.exe
Size

2.5MB
MD5

d14a9b37ad635a9167381973a5b42271
SHA1

a5836ea7760b36401e32223daade0a6de5d6276e
SHA256

c56fc1011190aa878ed26be29e8a6f9a5f4d91f35a5e4adbab00f1fd941c5ba7
SHA512

fbff0c3e9256ae7479fc7d6b9b939a80c68d5555c14ae839ba7b690dd56e3cdd54d983460ee92411b10ccb45128d9956ab9d9187dd9709b00a13740980b1c96e
SSDEEP

49152:SJU24IKR63igl5DHMsSEADK4O77TEtuSxyyWvZNu:SJUtIm63BlmFEADKl77TWuSxyyWv7

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1060	2023企业个人最新版所得税缴纳标准1.exe

Processes

C:\Users\Admin\AppData\Local\Temp\infected2023042501\Downloads\2023企业个人最新版所得税缴纳标准1.exe
"C:\Users\Admin\AppData\Local\Temp\infected2023042501\Downloads\2023企业个人最新版所得税缴纳标准1.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1060-56-0x00000000000D0000-0x00000000000D1000-memory.dmp

Filesize
4KB

Download