Overview

overview

7

Static

static

7

replacesetup.exe

windows7-x64

7

replacesetup.exe

windows10-2004-x64

7

Clash Pack....1.exe

windows7-x64

7

Clash Pack....1.exe

windows10-2004-x64

7

Sinicizati...er.exe

windows7-x64

7

Sinicizati...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

asar/linux...�.docx

windows7-x64

4

asar/linux...�.docx

windows10-2004-x64

1

Clash-for-...rer.js

windows7-x64

1

Clash-for-...rer.js

windows10-2004-x64

1

Clash-for-...ain.js

windows7-x64

1

Clash-for-...ain.js

windows10-2004-x64

1

Clash-for-...rer.js

windows7-x64

1

Clash-for-...rer.js

windows10-2004-x64

1

简易封�....1.exe

windows7-x64

1

简易封�....1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    0s
  • max time network
    0s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27-02-2024 07:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    简易封包工具_3.2.0.1.exe

  • Size

    1.4MB

  • MD5

    4b7c4479a1dc4d57be23d11b3ca2a01b

  • SHA1

    e9e53ea73d4a0c842347e1a7c0bbe40da4e4702d

  • SHA256

    da2cf03939dc1ce1a873b8bc08b26aa13a797245419047cfe47032346ee9eab1

  • SHA512

    412d94582b0a6984b8db5262f31d7f4112e73e21a7077707ff319e5e9f7aec7f70698a9e3cb52d5297d9d98e07da7782cac727b75411e9b5bfe982b45fee1c09

  • SSDEEP

    24576:gBXu9HGaVHErIJt/gxC6UQcCEX8a5DJ0mjP5eJms18haH4dEEMO9xLYd:gw9VHxJt4o6UQcCDadJFgfOhg4MOnL

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\简易封包工具_3.2.0.1.exe
    "C:\Users\Admin\AppData\Local\Temp\简易封包工具_3.2.0.1.exe"
    1⤵
      PID:2664

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads