849f042411e25d2be2b6fba3c52543b40c7975caf7fd43b2e6945168e145f367 | Triage

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
24-11-2023 13:19

Sharing

Report Analysis Logs

General

Target

ADB一键解除占用工具.exe
Size

1.1MB
MD5

b835e21aaf36f0d55eacf854dadee32a
SHA1

30f62c7c07b24b5595f0929cddbf23366589cf04
SHA256

849f042411e25d2be2b6fba3c52543b40c7975caf7fd43b2e6945168e145f367
SHA512

9fb22339598f63b4fe7b84afb1b3518dfb4d11d4879c3cd62500e0775af73da0ea8282795b395367ef7845af1940f99e27371487116a8d77ccf268fa2be676af
SSDEEP

12288:ouwgk+Julfjgm6PyxWOK/MPidf3wBtT72KMwqQOlwIU:oHN+Jyf0m6PyxWv/MPieBtOK6lwR

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2108	ADB一键解除占用工具.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2108	ADB一键解除占用工具.exe
2108	ADB一键解除占用工具.exe

C:\Users\Admin\AppData\Local\Temp\ADB一键解除占用工具.exe
"C:\Users\Admin\AppData\Local\Temp\ADB一键解除占用工具.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:2108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads