Overview

overview

7

Static

static

3

7fb449e7e6...ea.exe

windows7-x64

7

7fb449e7e6...ea.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

Manager/genHomevw.exe

windows7-x64

1

Manager/genHomevw.exe

windows10-2004-x64

1

Server/AppSvr_n.exe

windows7-x64

1

Server/AppSvr_n.exe

windows10-2004-x64

1

Server/DBMgr.exe

windows7-x64

1

Server/DBMgr.exe

windows10-2004-x64

1

Server/DlxSvcS_n.exe

windows7-x64

1

Server/DlxSvcS_n.exe

windows10-2004-x64

1

Server/FCUtil.exe

windows7-x64

4

Server/FCUtil.exe

windows10-2004-x64

4

Server/His...on.exe

windows7-x64

1

Server/His...on.exe

windows10-2004-x64

1

Server/Mig...DB.exe

windows7-x64

1

Server/Mig...DB.exe

windows10-2004-x64

1

Server/Patcher.exe

windows7-x64

1

Server/Patcher.exe

windows10-2004-x64

1

Server/Pro...te.exe

windows7-x64

1

Server/Pro...te.exe

windows10-2004-x64

1

Server/Server_n.exe

windows7-x64

4

Server/Server_n.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/01/2024, 11:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Server/AppSvr_n.exe

  • Size

    348KB

  • MD5

    c69b23d8dd9f018dc06d6232b9bcf774

  • SHA1

    5b5ffa6ffc60143e36a9f5f0979bd0b5e13ad34d

  • SHA256

    6d01f56160d9eb1e167679b5e2d5d68dc55724eb0ef24ed0b9825d83afaa7c0a

  • SHA512

    1d27df91836562679dd8426e010237a15a258f6acf77b699a30e5eb9654b5707218a12cf627d3619fff80131837f56e28175fe53daa8e7db5e9fb1aa46b0e709

  • SSDEEP

    6144:9gUpkwHXQu3KN0cHynyflB+5bFlQj+y0jMDL0vGllailaTla:9DxXX3K+nyfGlg9w

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Server\AppSvr_n.exe
    "C:\Users\Admin\AppData\Local\Temp\Server\AppSvr_n.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:836

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads