Analysis

  • max time kernel
    144s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    31/12/2023, 01:31

General

  • Target

    数学工具4.5.11/font/fontsetup.exe

  • Size

    20KB

  • MD5

    5212382a14e67decce4acd86b03da3e2

  • SHA1

    32d3d869ce90c0230754b9d70802854dd54d76dc

  • SHA256

    e9e544302504c7cad3891028b56a8da6468f84e16d365f6dcd6f1bb8a85fbb8d

  • SHA512

    58eb45d0385304f21ee7d5d2874d02a202be40ce56f580fa4de2ed5e1008d52130d368e388def1b6b2a64856ef9d3b31b029ca9066356c6eda2404fde2b3a406

  • SSDEEP

    96:/lxIYI8BMdV+4EHuQpZT3ev9xYDR/7mHoT+nkDspVWr7xElq2:/T68BMevCXYDBmIJDsyEw

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\数学工具4.5.11\font\fontsetup.exe
    "C:\Users\Admin\AppData\Local\Temp\数学工具4.5.11\font\fontsetup.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1980

Network
