4606ae8fa17587693ddfb8075ef43d593b1481c76d76c65baf821dd8168e3232

Analysis

max time kernel
93s
max time network
97s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
22-05-2024 02:28

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

智能一键插眼跳眼.exe
Size

1.3MB
MD5

b5568e47c1ff9bc233922abf6f3bed83
SHA1

fdeb077d61455f7135eeaf618a743b693f1938be
SHA256

87c394f1e69820b0b05166bf2565d6b4880b11ee2c54709cecd2c2819e9bf78a
SHA512

6645d397fca860b9949143b7e5dd275a0d9f9f8361c71d7ce7bd335f40f0f1677c7317c8767da2a27bce48d2375080611391eecc4f191894cd5641c231e17cb0
SSDEEP

24576:ZAtlevRY06Bno8VfIoAdUF3MCVVfTOgS9apXp84WcFqOo144:6tleq06BnoofIhUFB9pnLqOoK4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 25 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
behavioral8/memory/2644-31-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-27-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-44-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-43-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-41-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-39-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-37-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-35-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-25-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-23-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-21-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-17-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-15-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-11-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-9-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-5-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-2-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-33-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-29-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-19-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-13-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-7-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-3-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-1-0x0000000010000000-0x000000001003E000-memory.dmp	upx
behavioral8/memory/2644-47-0x0000000010000000-0x000000001003E000-memory.dmp	upx

Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

智能一键插眼跳眼.exe

pid process

2644 智能一键插眼跳眼.exe
2644 智能一键插眼跳眼.exe
2644 智能一键插眼跳眼.exe

pid	process
2644	智能一键插眼跳眼.exe
2644	智能一键插眼跳眼.exe
2644	智能一键插眼跳眼.exe

C:\Users\Admin\AppData\Local\Temp\智能一键插眼跳眼.exe
"C:\Users\Admin\AppData\Local\Temp\智能一键插眼跳眼.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2644

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2644-0-0x0000000000400000-0x000000000060A200-memory.dmp

Filesize
2.0MB

Download
memory/2644-31-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-27-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-44-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-43-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-41-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-39-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-37-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-35-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-25-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-23-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-21-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-17-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-15-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-11-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-9-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-5-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-2-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-33-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-29-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-19-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-13-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-7-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-3-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-1-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-45-0x0000000000400000-0x000000000060A200-memory.dmp

Filesize
2.0MB

Download
memory/2644-47-0x0000000010000000-0x000000001003E000-memory.dmp

Filesize
248KB

Download
memory/2644-48-0x0000000000400000-0x000000000060A200-memory.dmp

Filesize
2.0MB

Download