Overview

overview

7

Static

static

3

99jipai_Stup.exe

windows7-x64

7

99jipai_Stup.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Update.dll

windows7-x64

3

Update.dll

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

žż...��.exe

windows7-x64

1

žż...��.exe

windows10-2004-x64

1

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 01:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    žż.exe

  • Size

    408KB

  • MD5

    00066b266dc4509fb4c9d6f27f70014e

  • SHA1

    0abf2a7cb060929a70ff4ac508729a513d58666a

  • SHA256

    5f37d3ed3d4952504b0fe3e322b233bf3d5697457afee72c71387979905bc1ee

  • SHA512

    06a1abed0de35955405684d1414918ec3ee2ffc0da1b083dc62b77c9249bdcba748828ac86d5072b1115e501a092daafc5d62e204225d2cf25402e0aa541b8b9

  • SSDEEP

    6144:tMT8bfxe0SpdSBAr8pl7Sv2VBuLZhTujeWl0gkEesLBFFi4/jNwydRlNYtRC:2oJSpUh/sS66YmvljfRlutE

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 4 IoCs
  • Suspicious use of SendNotifyMessage 4 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\žż.exe
    "C:\Users\Admin\AppData\Local\Temp\žż.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2960

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2960-5-0x0000000000220000-0x00000000002DE000-memory.dmp

          Filesize

          760KB

          Download

        • memory/2960-4-0x0000000000300000-0x0000000000301000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2960-3-0x00000000002F0000-0x00000000002F1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2960-2-0x0000000000400000-0x00000000005CD000-memory.dmp

          Filesize

          1.8MB

          Download

        • memory/2960-1-0x0000000000400000-0x00000000005CD000-memory.dmp

          Filesize

          1.8MB

          Download

        • memory/2960-0-0x0000000000220000-0x00000000002DE000-memory.dmp

          Filesize

          760KB

          Download

        • memory/2960-6-0x0000000000300000-0x0000000000301000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2960-27-0x0000000000400000-0x00000000005CD000-memory.dmp

          Filesize

          1.8MB

          Download

        • memory/2960-28-0x0000000000300000-0x0000000000301000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2960-29-0x0000000000220000-0x00000000002DE000-memory.dmp

          Filesize

          760KB

          Download