Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system -
submitted
03/06/2024, 08:03
Static task
static1
Behavioral task
behavioral1
Sample
dianhuasaorao/河源下载站-cngr.cn.url
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
dianhuasaorao/河源下载站-cngr.cn.url
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
dianhuasaorao/淘宝热卖.url
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
dianhuasaorao/淘宝热卖.url
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
dianhuasaorao/电话骚扰器.exe
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
dianhuasaorao/电话骚扰器.exe
Resource
win10v2004-20240508-en
General
-
Target
dianhuasaorao/电话骚扰器.exe
-
Size
1.6MB
-
MD5
f6865841e037d90c0c520903cd53d5ea
-
SHA1
664329b2456880a4449ad4d35698fd3b6704dcac
-
SHA256
dc64881f45faf692a3ba5e360360603688e5423e0f48cd5db73dd46fb1a6c063
-
SHA512
753221d13ab6d4537650bde4e9b889c0b12e5fb11072cbfa3a03265382f10e2c85d139038c5bf1b3175bfc53c63b57519354e7e1f72767b7c2aee0e1fc83f822
-
SSDEEP
49152:KjOuXC2J/yG+s8KuqGaX0ToIBAUZLYf5:huzFyFJBAUZLi
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 1708 电话骚扰器.exe 1708 电话骚扰器.exe