9e9a3a938c7b54c9a20f96bbdd1cade66fad4b866bffaf29fa64c1a2399bec9d

Submit
Reports

Overview

overview

Static

static

K-MetaSear...on.dll

windows7-x64

K-MetaSear...on.dll

windows10-2004-x64

K-MetaSear...ch.dll

windows7-x64

K-MetaSear...ch.dll

windows10-2004-x64

K-MetaSear...ch.exe

windows7-x64

K-MetaSear...ch.exe

windows10-2004-x64

K-MetaSear...��.exe

windows7-x64

K-MetaSear...��.exe

windows10-2004-x64

K-MetaSear...��.bat

windows7-x64

K-MetaSear...��.bat

windows10-2004-x64

K-MetaSear...��.bat

windows7-x64

K-MetaSear...��.bat

windows10-2004-x64

K-MetaSear...��.exe

windows7-x64

K-MetaSear...��.exe

windows10-2004-x64

K-MetaSear...��.exe

windows7-x64

K-MetaSear...��.exe

windows10-2004-x64

K-MetaSear...ut.asp

windows7-x64

K-MetaSear...ut.asp

windows10-2004-x64

K-MetaSear...ge.asp

windows7-x64

K-MetaSear...ge.asp

windows10-2004-x64

K-MetaSear...ok.vbs

windows7-x64

K-MetaSear...ok.vbs

windows10-2004-x64

K-MetaSear...op.vbs

windows7-x64

K-MetaSear...op.vbs

windows10-2004-x64

K-MetaSear...dd.vbs

windows7-x64

K-MetaSear...dd.vbs

windows10-2004-x64

K-MetaSear...ok.vbs

windows7-x64

K-MetaSear...ok.vbs

windows10-2004-x64

K-MetaSear...it.vbs

windows7-x64

K-MetaSear...it.vbs

windows10-2004-x64

K-MetaSear...ok.vbs

windows7-x64

K-MetaSear...ok.vbs

windows10-2004-x64

Analysis

max time kernel
90s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
17-01-2024 22:09

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/KMSWordSegmentation.dll

Resource

win7-20231215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/KMSWordSegmentation.dll

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/KMetaSearch.dll

Resource

win7-20231215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/KMetaSearch.dll

Resource

win10v2004-20231222-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/search.exe

Resource

win7-20231129-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/search.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral7

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/初始化.exe

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/初始化.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral9

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/卸载组件.bat

Resource

win7-20231215-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral10

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/卸载组件.bat

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral11

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/安装组件.bat

Resource

win7-20231215-en

persistence

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral12

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/安装组件.bat

Resource

win10v2004-20231215-en

persistence

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/服务器.exe

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral14

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/服务器.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/清空缓存.exe

Resource

win7-20231215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

K-MetaSearch Engine Version 3.0 个人版/Server/清空缓存.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral17

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/about.asp

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/about.asp

Resource

win10v2004-20231222-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral19

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/admin_manage.asp

Resource

win7-20231215-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/admin_manage.asp

Resource

win10v2004-20231215-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral21

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/admin_manage_ok.vbs

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/admin_manage_ok.vbs

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/desktop.vbs

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/desktop.vbs

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/engine_add.vbs

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/engine_add.vbs

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/engine_add_ok.vbs

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/engine_add_ok.vbs

Resource

win10v2004-20231215-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/engine_edit.vbs

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/engine_edit.vbs

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/engine_edit_ok.vbs

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

K-MetaSearch Engine Version 3.0 个人版/Web/admin/engine_edit_ok.vbs

Resource

win10v2004-20231222-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

K-MetaSearch Engine Version 3.0 个人版/Server/服务器.exe
Size

248KB
MD5

c9c44f7d7084a9d08a278c420b5efb90
SHA1

77dd9e124a07779840de9a1ea0233c36f0519357
SHA256

ea6ba153b925c59d3c7e4183d4c996588b6df6c3211b66e58302a704e47229c4
SHA512

73f265c05fd039bc5a75e67f165d89cd421ca6270757d593413cc8f25c41fd5e30c323bfb18dd4d74a467e9f515be6a836c373a4a173edff8082dcf28aac8945
SSDEEP

6144:9kEVugeFB8p48000LFirGm7zZsoIqClbwnRcY3rHuJnmV0:9ZugeFB6CFirGm7znINwnRcY3rHuJnmS

Score

3^/10

Malware Config

Signatures

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3804	1196	WerFault.exe	85

Processes

C:\Users\Admin\AppData\Local\Temp\K-MetaSearch Engine Version 3.0 个人版\Server\服务器.exe
"C:\Users\Admin\AppData\Local\Temp\K-MetaSearch Engine Version 3.0 个人版\Server\服务器.exe"
1⤵
PID:1196
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1196 -s 500
  2⤵
  - Program crash
  PID:3804

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1196 -ip 1196
1⤵
PID:4820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1196-0-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download