Overview

overview

9

Static

static

9

Haozhuodao...ta.exe

windows7-x64

7

Haozhuodao...ta.exe

windows10-2004-x64

7

$APPDATA/H...at.exe

windows7-x64

1

$APPDATA/H...at.exe

windows10-2004-x64

1

$APPDATA/H...nf.exe

windows7-x64

1

$APPDATA/H...nf.exe

windows10-2004-x64

1

$APPDATA/H...e3.dll

windows7-x64

3

$APPDATA/H...e3.dll

windows10-2004-x64

3

$PLUGINSDI...RL.dll

windows7-x64

3

$PLUGINSDI...RL.dll

windows10-2004-x64

3

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...rk.dll

windows7-x64

1

$PLUGINSDI...rk.dll

windows10-2004-x64

1

$TEMP/QQPh...28.exe

windows7-x64

1

$TEMP/QQPh...28.exe

windows10-2004-x64

1

$TEMP/SU_l...97.exe

windows7-x64

7

$TEMP/SU_l...97.exe

windows10-2004-x64

7

$TEMP/setup_3126.exe

windows7-x64

1

$TEMP/setup_3126.exe

windows10-2004-x64

1

ContextBG.dll

windows7-x64

1

ContextBG.dll

windows10-2004-x64

1

HZDApp.exe

windows7-x64

1

HZDApp.exe

windows10-2004-x64

1

HZDHelper.exe

windows7-x64

1

HZDHelper.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    104s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08-05-2024 20:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $APPDATA/HZDP/HZDunf.exe

  • Size

    742KB

  • MD5

    e2600b9c9732966b53137ae329ba49c3

  • SHA1

    a04129490705077cde1d0ca12d542392251edda3

  • SHA256

    8f670f94f53e2f62e4bb55d3abb09e2f616eb09311dc4bd7d5617f09e814a4f1

  • SHA512

    a3ef95c0e262a7f27e80a5b824eaeaec01d226375aab193bade490170b5c7e042976e74d85386de3b4c058506731ae2deba19bd4ecb77653a69d1ff6c4fa8711

  • SSDEEP

    12288:5OAKLcyUYonmmpDDoeBnD1N+n0t8i5QEg/LtmwPViz0M0sTYQ56+2rNEvE28QorV:5GffmJoUn8L0giISTYQE+2+vP8f4E

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\$APPDATA\HZDP\HZDunf.exe
    "C:\Users\Admin\AppData\Local\Temp\$APPDATA\HZDP\HZDunf.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:536

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/536-0-0x0000000060900000-0x000000006094F000-memory.dmp
    Filesize

    316KB

    Download