Overview

overview

7

Static

static

7

yxsggjjb/9...��.url

windows7-x64

1

yxsggjjb/9...��.url

windows10-2004-x64

1

yxsggjjb/y...��.exe

windows7-x64

1

yxsggjjb/y...��.exe

windows10-2004-x64

3

yxsggjjb/y...zy.dll

windows7-x64

7

yxsggjjb/y...zy.dll

windows10-2004-x64

7

yxsggjjb/y...��.bat

windows7-x64

7

yxsggjjb/y...��.bat

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    30/04/2024, 01:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    yxsggjjb/yxsgwmxhsfbfz/英雄三国完美1.5/新系统注册/新系统双击此文件注册一遍.bat

  • Size

    17B

  • MD5

    85858386993b6358bc9f4b12c6175e1f

  • SHA1

    25b530afcc469f3f8a8cb2ea7df45b233a36654d

  • SHA256

    dbec3e0cab2e7c2773351d1e535a50eeede3be916cb4ffe18bdf763c6ec34cbe

  • SHA512

    357452b65fda679c8ff570c36714835870820994f9ba5c5aeae6c66fd356b5aa7fdc5d0e334be67431ff0fa3e0d1c1d89514626024033a4f2b4891369dd86580

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious behavior: CmdExeWriteProcessMemorySpam 1 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c "C:\Users\Admin\AppData\Local\Temp\yxsggjjb\yxsgwmxhsfbfz\英雄三国完美1.5\新系统注册\新系统双击此文件注册一遍.bat"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2240
    • C:\Windows\system32\regsvr32.exe
      regsvr32 xqzy.dll
      2⤵
      • Suspicious behavior: CmdExeWriteProcessMemorySpam
      • Suspicious use of WriteProcessMemory
      PID:3040
      • C:\Windows\SysWOW64\regsvr32.exe
        xqzy.dll
        3⤵
          PID:1524

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1524-0-0x0000000010000000-0x0000000010177000-memory.dmp

      Filesize

      1.5MB

      Download