Overview

overview

7

Static

static

7

Au3Strippe...er.exe

windows7-x64

4

Au3Strippe...er.exe

windows10-2004-x64

3

AutoIt3Wra...er.ps1

windows7-x64

3

AutoIt3Wra...er.ps1

windows10-2004-x64

3

CodeWizard...rd.ps1

windows7-x64

3

CodeWizard...rd.ps1

windows10-2004-x64

3

CodeWizard...rd.chm

windows7-x64

1

CodeWizard...rd.chm

windows10-2004-x64

1

CodeWizard/ReadMe.vbs

windows7-x64

1

CodeWizard/ReadMe.vbs

windows10-2004-x64

1

Koda/FD.chm

windows7-x64

1

Koda/FD.chm

windows10-2004-x64

1

Koda/FD.exe

windows7-x64

7

Koda/FD.exe

windows10-2004-x64

7

Koda/Langu...ng.chm

windows7-x64

1

Koda/Langu...ng.chm

windows10-2004-x64

1

Lua/Class.js

windows7-x64

3

Lua/Class.js

windows10-2004-x64

3

SciLexer.dll

windows7-x64

3

SciLexer.dll

windows10-2004-x64

3

SciTE Jump...le.chm

windows7-x64

1

SciTE Jump...le.chm

windows10-2004-x64

1

SciTE Jump...TA.ps1

windows7-x64

3

SciTE Jump...TA.ps1

windows10-2004-x64

3

SciTE Jump...ns.ps1

windows7-x64

3

SciTE Jump...ns.ps1

windows10-2004-x64

3

SciTE Jump...or.ps1

windows7-x64

3

SciTE Jump...or.ps1

windows10-2004-x64

3

SciTE Jump...TE.ps1

windows7-x64

3

SciTE Jump...TE.ps1

windows10-2004-x64

3

SciTE Jump...mp.ps1

windows7-x64

3

SciTE Jump...mp.ps1

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    15-05-2024 22:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Koda/Language/help_eng.chm

  • Size

    343KB

  • MD5

    cd869fe69c3177111ac449cb6194e60f

  • SHA1

    fda6e8f7e93357e3edadc275fb77b89b2db39f08

  • SHA256

    5de44dde00218816d77a29b132a6d744fcc7822bbaab053362f7570779ecccd6

  • SHA512

    aeede2a158f52699f5fd771a3c4e387d1788bfa88e844c098f5929bfe9c4b218ce4e45bf2108212503fcfac50db4765db04c60ae51d65846123ce0e548aa7610

  • SSDEEP

    6144:Yq7cpDhtOuKKKm8WxB6E+luPh2kqzx2GYqNTyjUFsuz6T1raeEHqT0T:rc/EHHg+8Ph2kmx2rqNrRzU12eEHv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\Koda\Language\help_eng.chm
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:2380

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads