953d51a70801fe3bfd5391d9436a9d378ecf9e812ad4e6dbb057fce40c99a8cc

Submit
Reports

Overview

overview

Static

static

保姆小�...DK.dll

windows7-x64

保姆小�...DK.dll

windows10-2004-x64

保姆小�...ib.dll

windows7-x64

保姆小�...ib.dll

windows10-2004-x64

保姆小�...ib.dll

windows7-x64

保姆小�...ib.dll

windows10-2004-x64

保姆小�...20.dll

windows7-x64

保姆小�...20.dll

windows10-2004-x64

保姆小�...ET.dll

windows7-x64

保姆小�...ET.dll

windows10-2004-x64

保姆小�...et.dll

windows7-x64

保姆小�...et.dll

windows10-2004-x64

保姆小�...05.dll

windows7-x64

保姆小�...05.dll

windows10-2004-x64

保姆小�...ng.exe

windows7-x64

保姆小�...ng.exe

windows10-2004-x64

保姆小�...��.exe

windows7-x64

保姆小�...��.exe

windows10-2004-x64

Analysis

max time kernel
117s
max time network
123s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
19-07-2024 16:47

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/FetionSDK.dll

Resource

win7-20240708-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/FetionSDK.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/Interop.QuartzTypeLib.dll

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/Interop.QuartzTypeLib.dll

Resource

win10v2004-20240704-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/Interop.SSOAxCtrlForPTLoginLib.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/Interop.SSOAxCtrlForPTLoginLib.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/Newtonsoft.Json.Net20.dll

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/Newtonsoft.Json.Net20.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/WININET.dll

Resource

win7-20240705-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/WININET.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral11

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/log4net.dll

Resource

win7-20240705-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/log4net.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/skincrafter.net-vs2005.dll

Resource

win7-20240704-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/skincrafter.net-vs2005.dll

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral15

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/保姆小黑 V2.32-QQ摩天大楼辅助 By Loading.exe

Resource

win7-20240708-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral16

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/保姆小黑 V2.32-QQ摩天大楼辅助 By Loading.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral17

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/运行不了点击这个文件.exe

Resource

win7-20240708-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/运行不了点击这个文件.exe

Resource

win10v2004-20240709-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading/Newtonsoft.Json.Net20.dll
Size

314KB
MD5

25aa4eb905be82c0791018b432ad95f2
SHA1

2041d87006911e71e44b9028974269f116c934a6
SHA256

56aa963e517536714137dc6b82682d64d1bfb8d6e03fcc2d8d253af38ebeca08
SHA512

357ba0cdaf373fd52de29328a8efa46741d85cd1e821002481888fdd77c1299debbc3d491fa532789122551f45d97d7c1da59931d510f91096ca50e3e8ad21de
SSDEEP

6144:CSCnuTJKTiFAatTFmoMaxrgWPUK/HE/J3+ED1YdQy6g:CSCnUAkTMoBxkWPv2F0D6g

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\保姆小黑_V2.32-QQ摩天大楼辅助_By_Loading\Newtonsoft.Json.Net20.dll,#1
1⤵
PID:2084

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads