Overview

overview

7

Static

static

7

e/E海系�...��.exe

windows7-x64

7

e/E海系�...��.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    12/07/2024, 07:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e/E海系统维护工具.exe

  • Size

    11.6MB

  • MD5

    6b91ef341805ca27067ab39247fea232

  • SHA1

    c3edc073dd0ce8fe387f09f796d7af46ca6696a6

  • SHA256

    f1d21dd84c0cfa9c29148db7433beed6720195b68cd94f063d9d300d2c5e3039

  • SHA512

    4033efd777ab71aaa545dd61a91d726f4b35cae4bb2bf560136377af086ec793b2a265d8a3b6a81c873efbab772b202729041a095f0855ff4f959d2fc753ff12

  • SSDEEP

    196608:BwZVx8LkBRRkMvFJQ+aG/qI6wdGjz4WiySn1WHUOGVm8YI/5NzITbImF+5:B8xFRksJQbVITdGj8WwWHHG/bzMbImF

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e\E海系统维护工具.exe
    "C:\Users\Admin\AppData\Local\Temp\e\E海系统维护工具.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:2412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\e\SkinH_EL.dll
    Filesize

    86KB

    MD5

    8e1ebf661ba3518d4afdf0516308a3ea

    SHA1

    e56f4de1402d4bdedb492c751cc363eb6e55c360

    SHA256

    d748b34b19f86aee6f94824eb3a0a1aa7fc0b003e7ad759d224f7b5a2fb870f2

    SHA512

    96d6744c2f6e5aaa96aa93347a2183092daf4971f74f2e19f29c5277d0d89593df0333ababd89fb32a934488fdb996dddd448a5e3e2270b1a66b793b38c897ec

    Download Submit

  • memory/2412-0-0x0000000000400000-0x000000000185E000-memory.dmp

    Filesize

    20.4MB

    Download

  • memory/2412-1-0x0000000000400000-0x000000000185E000-memory.dmp

    Filesize

    20.4MB

    Download

  • memory/2412-2-0x0000000000400000-0x000000000185E000-memory.dmp

    Filesize

    20.4MB

    Download

  • memory/2412-11-0x000000001000A000-0x000000001000B000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2412-10-0x0000000010000000-0x000000001003C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/2412-3-0x0000000000400000-0x000000000185E000-memory.dmp

    Filesize

    20.4MB

    Download

  • memory/2412-12-0x0000000000400000-0x000000000185E000-memory.dmp

    Filesize

    20.4MB

    Download