Analysis

  • max time kernel
    94s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240426-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    08/06/2024, 09:08

General

  • Target

    病毒样本/Windows MailX/1.0.0.0/winhts.exe

  • Size

    1.7MB

  • MD5

    e21750740f1dfe2e86d29d7cf712131d

  • SHA1

    5a740c50146b1e2d7e72d2fe1f5854d94499d9c6

  • SHA256

    49f95cfb92a782b99b9c5b20a86b2363faa739124a89791a56c116729fb2a1e8

  • SHA512

    bf9ebff7b071c1ec2dce48381e14f4444aab8f57243ac229c9e411d6f8a110cf697c19b367ab62c694cfb201341e05ee052ba7b2ea7b98801a660e4e1b3ca5d5

  • SSDEEP

    49152:y5bf8JrkktU1ZpGEWwD7uQaPiyd2yglP:yZf8JA2U5GEFD71

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\病毒样本\Windows MailX\1.0.0.0\winhts.exe
    "C:\Users\Admin\AppData\Local\Temp\病毒样本\Windows MailX\1.0.0.0\winhts.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3176
    • C:\Users\Admin\AppData\Local\Temp\病毒样本\Windows MailX\1.0.0.0\SrTasksa.dat
      SrTasksa.dat hidden
      2⤵
        PID:4492

Network

MITRE ATT&CK Matrix
