9066a70491e2563254d958a0a3925c75687224afc705fbde5a235e75b801de10

Analysis

max time kernel
142s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28/04/2024, 16:30

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

hwcqfz_gr/虎威辅助免费版V3.2.1/虎威辅助免费版V3.2.1/脚本编辑器4.0.exe
Size

3.5MB
MD5

2639a84164dc299a16d797bde2af71e0
SHA1

d4034bc067ccca12784c9b3b1312dc5b9f9d3163
SHA256

fd117c028c5c9b3b0a5fdf505e81c632c58d36898ebfca80e6ce5d20c8f5864f
SHA512

5592c06af6e8fa6dade32b1dfeba3d558e2e0e89a6cd46f2b1973e3cfcd0bc631946c199b5f0febe9f8a0ac70f427e3472049d21388f49ff9571a8cfec74bc61
SSDEEP

98304:4wIT9B+v28BB0bzNlfOs0OmXFxAG9ywbMB:VI14B0bJPmXFeG9rb

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 24 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2868-22-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-44-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-47-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-42-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-40-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-38-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-36-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-34-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-32-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-30-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-48-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-28-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-26-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-24-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-20-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-18-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-16-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-14-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-12-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-10-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-8-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-6-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-5-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral1/memory/2868-4-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2868	脚本编辑器4.0.exe
2868	脚本编辑器4.0.exe
2868	脚本编辑器4.0.exe

C:\Users\Admin\AppData\Local\Temp\hwcqfz_gr\虎威辅助免费版V3.2.1\虎威辅助免费版V3.2.1\脚本编辑器4.0.exe
"C:\Users\Admin\AppData\Local\Temp\hwcqfz_gr\虎威辅助免费版V3.2.1\虎威辅助免费版V3.2.1\脚本编辑器4.0.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2868-0-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-2-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-3-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-1-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-22-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-44-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-47-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-42-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-40-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-38-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-36-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-34-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-32-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-30-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-48-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-28-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-26-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-24-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-20-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-18-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-16-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-14-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-12-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-10-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-8-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-6-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-5-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-4-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2868-49-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-50-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-51-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-52-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-53-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-54-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-55-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-56-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-57-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-58-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-59-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-60-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-61-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download
memory/2868-62-0x0000000000400000-0x00000000009AC000-memory.dmp

Filesize
5.7MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads