a0457d69830ac38f45f672e712b46a3ee2d57c504e251eca446c3f7b68cb8b8e

Analysis

max time kernel
117s
max time network
122s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
15-07-2024 21:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

VisualBat/Dos_help.chm
Size

749KB
MD5

92c5db9919cb797fa61848d14b8b9f07
SHA1

c463afca9709524848213d39dae78939b92aac25
SHA256

6abbc73d8a7deea099a7380320e2be2296f3e750014206615c43ccdda46d0f3f
SHA512

2889788aba65fed07318b89b99be7341e129593645d63b39a5cb1bed8a4ae65a5ba7f7f1e6ef8d7f2786aea03f7f527107f3aaaa08ead0d6096173da5098dc9a
SSDEEP

12288:hjDSPVunK18wDOAxo/M0slWHBDnkedV/xdTPc7TR6iaVLlG2FdA1pPzFc9:hjePozhUo/isHBDkE6PR6iaO2F6zPe9

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-940600906-3464502421-4240639183-1000\Software\Microsoft\Internet Explorer\Main	hh.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2524	hh.exe
2524	hh.exe

C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\VisualBat\Dos_help.chm
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2524

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads