73fadc384065f6c75b62674a9f3be63474453e703152749674eb130ab5244ee9

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
24/12/2023, 17:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0776a07539faac444aa9589cb2bc5196.chm
Size

13KB
MD5

0776a07539faac444aa9589cb2bc5196
SHA1

f71ed1588eea2ac1186c5e20d9b7929f233a7bbb
SHA256

73fadc384065f6c75b62674a9f3be63474453e703152749674eb130ab5244ee9
SHA512

44e8197c73f86c89ee2a8344fe35e34a6eab22e97fa91f0fcbe34f3b061cb83c99026bd8c199429619cac7b7718361c6bd3059de75f5c66bbdb7157145421635
SSDEEP

192:UhFmYGizKRYKSRHybv0pbH6kjeffvorMV:UhNRK+dRybv0FH2or

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1268429524-3929314613-1992311491-1000\Software\Microsoft\Internet Explorer\Main	hh.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1740	hh.exe
1740	hh.exe

C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\0776a07539faac444aa9589cb2bc5196.chm
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1740

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads