Overview

overview

7

Static

static

3

7ffb891342...7e.exe

windows7-x64

7

7ffb891342...7e.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$R1/baidu_...an.exe

windows7-x64

$R1/baidu_...an.exe

windows10-2004-x64

$TEMPLATES...at.exe

windows7-x64

1

$TEMPLATES...at.exe

windows10-2004-x64

1

$TEMPLATES...cs.dll

windows7-x64

1

$TEMPLATES...cs.dll

windows10-2004-x64

1

KDocks.exe

windows7-x64

3

KDocks.exe

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    0s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-01-2024 13:44

Sharing

Copy URL
Twitter E-mail

Errors

Reason
platform exec: image=C:\Users\Admin\AppData\Local\Temp\$R1\baidu_dizhilan.exe command="C:\Users\Admin\AppData\Local\Temp\$R1\baidu_dizhilan.exe" wdir=C:\Users\Admin\AppData\Local\Temp\$R1 Payload error: This version of %1 is not compatible with the version of Windows you're running. Check your computer's system information and then contact the software publisher.
Report Analysis Logs

General

  • Target

    $R1/baidu_dizhilan.exe

  • Size

    240KB

  • MD5

    35c2e87d43e41a35c39a7d1da9c6236b

  • SHA1

    b852013fea2dbef47248989cef875c70fbe74a65

  • SHA256

    588c684fde086812b7f5bc21366907993c69cd921eb0fe9fefccfbad9e53b2e5

  • SHA512

    87879807b10d0bb2e8ff7286a8effcb27d43d0208c00b84703d4f7138ed4ab5ac10b0e1f1d840d7e60ff9ff812eec37eabb245ecdf712af7b543807e187a8f67

  • SSDEEP

    6144:zAPRxoNm3OsX7Q79Z9X3EkiGF+emYXUPB:oxoNf7qkidoUPB

Score
1/10

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads