Overview

overview

6

Static

static

3

tw6805a驱...ll.exe

windows7-x64

1

tw6805a驱...ll.exe

windows10-2004-x64

1

tw6805a驱...ci.sys

windows7-x64

1

tw6805a驱...ci.sys

windows10-2004-x64

1

tw6805a驱...er.exe

windows7-x64

1

tw6805a驱...er.exe

windows10-2004-x64

1

tw6805a驱...BL.dll

windows7-x64

1

tw6805a驱...BL.dll

windows10-2004-x64

1

tw6805a驱...er.exe

windows7-x64

6

tw6805a驱...er.exe

windows10-2004-x64

6

tw6805a驱...M4.dll

windows7-x64

3

tw6805a驱...M4.dll

windows10-2004-x64

3

tw6805a驱...up.exe

windows7-x64

1

tw6805a驱...up.exe

windows10-2004-x64

1

tw6805a驱...nt.dll

windows7-x64

1

tw6805a驱...nt.dll

windows10-2004-x64

1

tw6805a驱...nt.exe

windows7-x64

1

tw6805a驱...nt.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    140s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    20/05/2024, 13:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    tw6805a驱动/P2PClient/dvrclient.exe

  • Size

    1.3MB

  • MD5

    e4ff46e12031c7d96ea9f0b768f4c372

  • SHA1

    9bc65774673ad6baf93ba98183bd90cdcc2ca0dc

  • SHA256

    c7cc523d8f397ceba953772fff4d6af39e7aad5d883b0ce425b40d9ea24dc04d

  • SHA512

    3e60ede5531fef54ec04020771b4c59555943b36921ae30a220fa3e4c0e6c06606959af1ef055e0c596228cd3e805f6525b2897fda43aea6e0a774318997a379

  • SSDEEP

    24576:zjtRQc5sF0EyuJTEXMeImmz83zXtzjnzVwjl0Q7fTuela:FR5s55mN3hbiOQDTue

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tw6805a驱动\P2PClient\dvrclient.exe
    "C:\Users\Admin\AppData\Local\Temp\tw6805a驱动\P2PClient\dvrclient.exe"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2244

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2244-0-0x0000000000560000-0x0000000000706000-memory.dmp

          Filesize

          1.6MB

          Download

        • memory/2244-2-0x00000000003D0000-0x00000000003D1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2244-3-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-4-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-5-0x00000000003D0000-0x00000000003D1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2244-6-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-7-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-8-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-9-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-10-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-11-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-12-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-13-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-14-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-15-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-16-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download

        • memory/2244-17-0x0000000000400000-0x000000000055B000-memory.dmp

          Filesize

          1.4MB

          Download