Overview

overview

5

Static

static

3

CAD迷你�...��.exe

windows7-x64

1

CAD迷你�...��.exe

windows10-2004-x64

1

CAD迷你�...DK.dll

windows7-x64

5

CAD迷你�...DK.dll

windows10-2004-x64

5

CAD迷你�...en.dll

windows7-x64

3

CAD迷你�...en.dll

windows10-2004-x64

3

CAD迷你�...ng.exe

windows7-x64

1

CAD迷你�...ng.exe

windows10-2004-x64

1

CAD迷你�...un.exe

windows7-x64

1

CAD迷你�...un.exe

windows10-2004-x64

1

CAD迷你�...ry.exe

windows7-x64

3

CAD迷你�...ry.exe

windows10-2004-x64

3

CAD迷你�...ro.exe

windows7-x64

1

CAD迷你�...ro.exe

windows10-2004-x64

1

CAD迷你�...ll.dll

windows7-x64

1

CAD迷你�...ll.dll

windows10-2004-x64

1

CAD迷你�...es.dll

windows7-x64

1

CAD迷你�...es.dll

windows10-2004-x64

1

CAD迷你�...us.exe

windows7-x64

1

CAD迷你�...us.exe

windows10-2004-x64

1

CAD迷你�...or.exe

windows7-x64

1

CAD迷你�...or.exe

windows10-2004-x64

1

CAD迷你�...ls.dll

windows7-x64

3

CAD迷你�...ls.dll

windows10-2004-x64

3

CAD迷你�...ng.htm

windows7-x64

1

CAD迷你�...ng.htm

windows10-2004-x64

1

CAD迷你�...rl.dll

windows7-x64

1

CAD迷你�...rl.dll

windows10-2004-x64

1

CAD迷你�...0u.dll

windows7-x64

1

CAD迷你�...0u.dll

windows10-2004-x64

1

CAD迷你�...00.dll

windows7-x64

3

CAD迷你�...00.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    04-07-2024 19:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CAD迷你画图/ProDfsShlExplus.exe

  • Size

    2.0MB

  • MD5

    88482877799f2d68ca0beaf36d679838

  • SHA1

    d8cfcd5575363daf2352d5f54216cbe74dd92341

  • SHA256

    9fc20a888236e1918a195f23b269c0b031f0c6ec8ce796e9aea28c0f43455fdd

  • SHA512

    831f42a56231bf6f83078cba05c1f7f06e1316f49a63d5c7cda6323f05a69a139d03ab7b2d74cd3bc84e74a2cd3507c2812b42a1f45ff88cb4f6fd83d6fe2dfa

  • SSDEEP

    49152:+vHQ10oc+LODj31iPgcWAJ+jDCb5tgqtKQKXn+sJ8NTQEoKt:+Q10oPODDEP9J+jDCb5t2QKXZ8NTQE3t

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\CAD迷你画图\ProDfsShlExplus.exe
    "C:\Users\Admin\AppData\Local\Temp\CAD迷你画图\ProDfsShlExplus.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads