Analysis
max time kernel: 122s
max time network: 127s
platform: windows7_x64
resource: win7-20231023-en
resource tags: arch:x64, arch:x86, image:win7-20231023-en, locale:en-us, os:windows7-x64, system
submitted: 25/11/2023, 15:06
Behavioral tasks
behavioral1: Sample winrar-x32-700b2.exe, Resource win7-20231023-en
behavioral2: Sample winrar-x32-700b2.exe, Resource win10v2004-20231020-en
behavioral3: Sample winrar-x64-700b2.exe, Resource win7-20231025-en
behavioral4: Sample winrar-x64-700b2.exe, Resource win10v2004-20231023-en
behavioral5: Sample 大眼仔旭.url, Resource win7-20231020-en
behavioral6: Sample 大眼仔旭.url, Resource win10v2004-20231020-en
General
Target: winrar-x32-700b2.exe
Size: 3.7MB
MD5: c0f1d7905400216b78510e9caff969cd
SHA1: 3c499df5499c9a678cf190c403256452bb864509
SHA256: a591a72fcb9778cd0a393389e367e96c217b4b7220432018007a4bbcea75607b
SHA512: 5e5ec430085d76fb547e1b5ef94c5af4962713289f213f0add8fd0b1a1cd2f26c3d2041b618b3a53e476f93691c3db4f08efe1b93045efdb74c38d5c1169ada8
SSDEEP: 98304:JvgSBfKEa6D3Ma7teNV/9Ve9Tdjz1eNf9UkMyJF:sz6LMaYnbe9TdQ99UkdP
Malware Config
Signatures
description: Key created
ioc: \REGISTRY\USER\S-1-5-21-2085049433-1067986815-1244098655-1000\Software\Microsoft\Internet Explorer\Main
Process: winrar-x32-700b2.exe

Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid: 2412, Process: winrar-x32-700b2.exe

Suspicious use of SetWindowsHookEx (2 IoCs)
pid: 2412, Process: winrar-x32-700b2.exe
pid: 2412, Process: winrar-x32-700b2.exe