Overview

overview

7

Static

static

3

768be2bb76...18.exe

windows7-x64

7

768be2bb76...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

CalcHashAB.dll

windows7-x64

1

CalcHashAB.dll

windows10-2004-x64

3

FatOperate.dll

windows7-x64

1

FatOperate.dll

windows10-2004-x64

3

Initialize.dll

windows7-x64

6

Initialize.dll

windows10-2004-x64

6

LibSearchFileName.dll

windows7-x64

1

LibSearchFileName.dll

windows10-2004-x64

1

NamePipe.dll

windows7-x64

3

NamePipe.dll

windows10-2004-x64

3

NtfsOperate.dll

windows7-x64

1

NtfsOperate.dll

windows10-2004-x64

1

RecoveryPhoto.dll

windows7-x64

1

RecoveryPhoto.dll

windows10-2004-x64

3

SaveOperate.dll

windows7-x64

1

SaveOperate.dll

windows10-2004-x64

1

Tenorshare...ry.chm

windows7-x64

1

Tenorshare...ry.chm

windows10-2004-x64

1

ThreadCore.dll

windows7-x64

3

ThreadCore.dll

windows10-2004-x64

3

Un7z.dll

windows7-x64

1

Un7z.dll

windows10-2004-x64

3

audio/Audi...er.dll

windows7-x64

1

audio/Audi...er.dll

windows10-2004-x64

1

audio/AudioFilter.dll

windows7-x64

1

audio/AudioFilter.dll

windows10-2004-x64

1

audio/AudioPlayer.dll

windows7-x64

1

audio/AudioPlayer.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    130s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-05-2024 19:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Tenorshare iPhone Data Recovery.chm

  • Size

    4.5MB

  • MD5

    e891858a8b20091684370537ef5f53ad

  • SHA1

    5e45e44a30167a974092b5b996f72bf3b773f11e

  • SHA256

    de7ea802c40af601e59c906a2ce71bab5262365ac38e2ff0a98a3710e9b4a4c5

  • SHA512

    6a282ac3e73f8134a3ba8470e8b70a4143bf8003b4eed810650e3e04ccc792f183cc4e27a974c3ec9102daf3f874cdec14469c9c93c17bcd482d344c9268f1fb

  • SSDEEP

    98304:YW9f/rstMnwoAviIM1JwQBBPEVQAbV3stXs78VuPu:YOf/4W54g9m1SJs7mum

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" "C:\Users\Admin\AppData\Local\Temp\Tenorshare iPhone Data Recovery.chm"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads