Analysis

  • max time kernel
    135s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    14/06/2023, 20:21

General

  • Target

    3.0版金税盘一键升级底层工具V1.39(AN6-220524 AT6-220525 AC5-220526)授权截止日期:2022年12月31日.exe

  • Size

    14.3MB

  • MD5

    ee0d931049a8ac903ea7580feb12604e

  • SHA1

    68d53c9e8aa735a9fae932358aa15e1a59238527

  • SHA256

    17864e53be7b2ed563ddeb4ae2c2cc43c9e2347566d97772ad4c21a013ccf026

  • SHA512

    9175d47346d00cee7320be9e97c14f85974e0fb23b863687a34c3c955fb66fb545f59762d2d1f7451073779a24dd3734d67be32f420a577c124780ad87fff956

  • SSDEEP

    393216:RP1hc3Ml5cMShYOrzmGqsYRb6A+GWawyiMv97Hu/FDH0kwOAtF:RXwRwHUFDHGOA

Score
1/10

Malware Config

Signatures

  • Modifies system certificate store (2 TTPs, 10 IoCs)
  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\3.0版金税盘一键升级底层工具V1.39(AN6-220524 AT6-220525 AC5-220526)授权截止日期:2022年12月31日.exe
    "C:\Users\Admin\AppData\Local\Temp\3.0版金税盘一键升级底层工具V1.39(AN6-220524 AT6-220525 AC5-220526)授权截止日期:2022年12月31日.exe"
    • Modifies system certificate store
    • Suspicious use of SetWindowsHookEx
    PID:628

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\usb_driver\x86\winusbcoinstaller2.dll

    Filesize

    831KB

    MD5

    8e7b9f81e8823fee2d82f7de3a44300b

    SHA1

    1633b3715014c90d1c552cd757ef5de33c161dee

    SHA256

    ebe3b7708dd974ee87efed3113028d266af87ca8dbae77c47c6f7612824d3d6c

    SHA512

    9ae37b2747589a0eb312473d895ef87404f4a395a27e15855826a75b4711ea934ca9a2b289df0abe0a8825dec2d5654a0b1603cf0b039fe25662359b730ce1a9