Overview

overview

10

Static

static

3

8.27.exe

windows7-x64

7

8.27.exe

windows10-2004-x64

3

office安�...��.exe

windows7-x64

8

office安�...��.exe

windows10-2004-x64

8

pdf.exe

windows7-x64

1

pdf.exe

windows10-2004-x64

3

test.exe

windows7-x64

1

test.exe

windows10-2004-x64

1

企财险�...��.exe

windows7-x64

10

企财险�...��.exe

windows10-2004-x64

10

截图1-8.exe

windows7-x64

8

截图1-8.exe

windows10-2004-x64

8

方案D.exe

windows7-x64

1

方案D.exe

windows10-2004-x64

1

苏宁系�...16.exe

windows7-x64

1

苏宁系�...16.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    31s
  • max time network
    146s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    28/08/2023, 14:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    office安装助手.exe

  • Size

    233KB

  • MD5

    5b7d97522d4035c4f4f4f5d92f3df931

  • SHA1

    c4dd75afa16fd91631524a6444ddbf770af807ec

  • SHA256

    c15954fdf792a0db30046a4b942c62fb356d5e6e3803149c02ff3c8741d64786

  • SHA512

    9f47cd34bd938152a7a741bb8b8bbe48e3e18365345ae02a7753149c94a0c7fa3c4abeb4606f6285c3b473dbb32f4bd88436f7fe0b45664a1deaab73cd254bbf

  • SSDEEP

    3072:ljBsj3J6/qxxxSuAk7GSnvT4Wak7GSnvT4WpZQNShYEtWN:u3vP/HkqHkrrB

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file

Processes

  • C:\Users\Admin\AppData\Local\Temp\office安装助手.exe
    "C:\Users\Admin\AppData\Local\Temp\office安装助手.exe"
    1⤵
      PID:1600
    • C:\Users\Admin\AppData\Local\Temp\office安装助手.exe
      "C:\Users\Admin\AppData\Local\Temp\office安装助手.exe"
      1⤵
        PID:1600

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1600-0-0x0000000001020000-0x000000000105D000-memory.dmp

        Filesize

        244KB

        Download

      • memory/1600-2-0x0000000010000000-0x0000000010285000-memory.dmp

        Filesize

        2.5MB

        Download

      • memory/1600-6-0x0000000010000000-0x0000000010285000-memory.dmp

        Filesize

        2.5MB

        Download

      • memory/1600-0-0x0000000001020000-0x000000000105D000-memory.dmp

        Filesize

        244KB

        Download

      • memory/1600-2-0x0000000010000000-0x0000000010285000-memory.dmp

        Filesize

        2.5MB

        Download

      • memory/1600-6-0x0000000010000000-0x0000000010285000-memory.dmp

        Filesize

        2.5MB

        Download