Overview

overview

3

Static

static

3

管家.exe

windows7-x64

3

管家.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    124s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    18-08-2023 21:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    管家.exe

  • Size

    892KB

  • MD5

    c17e153df9cf55c064bb4125678e0d9b

  • SHA1

    7944e32da484a0f6a8e689c8be3e0c86310da0ee

  • SHA256

    0bffd3ede746ea27ccfc4586cee8662a565fe167023903d917d67c534d58ce8d

  • SHA512

    5e88eb0a19ccbbfb48798bb8654f05e80077413926b75e794176730104a4fce0e52efa801ed6a0375802fff1cd6a480d0a1c134955fb51367019a92376111e55

  • SSDEEP

    12288:7Zzh13gF2/mKH6R6cbzqfbPBSudtdXOZiJnO0m62+19oE4l8wmMOu:lU2/mKaRpbzIbJSNC1508wmT

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 32 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\管家.exe
    "C:\Users\Admin\AppData\Local\Temp\管家.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2616

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads