Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    06/03/2024, 10:48

General

  • Target

    EWHsetup.exe

  • Size

    1.7MB

  • MD5

    90ac871d51b576b8776b1cba857c5e56

  • SHA1

    a91f2e0a4698d7144a5d37f5af5b43ed6648bf73

  • SHA256

    95bcb91222ab6dca48dab2e8abb0041294cac2e3e00f51213db2e9ce3051cc07

  • SHA512

    24efa64560dc8c3e57ef6be76bcc33eb74c6009ffd7c52856b2a92857c303237e3ef8b4ea0ca5ecc425fd5ace0c735e806a31f525fb44cfcaa5c921e19f706ba

  • SSDEEP

    24576:hiPIwCX5FKnNR+JFKANHPbGfCNhj5mcZc0yNPtvgvBVdQz2SGrjXa:hRwCX5cnNRKFkYhYF/PtIBTeGHa

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\EWHsetup.exe
    "C:\Users\Admin\AppData\Local\Temp\EWHsetup.exe"
    • Suspicious use of SetWindowsHookEx
    PID:2696

Network

MITRE ATT&CK Enterprise v15
