Overview

overview

9

Static

static

9

mspass.chm

windows7-x64

1

mspass.chm

windows10-2004-x64

1

mspass.exe

windows7-x64

9

mspass.exe

windows10-2004-x64

9

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/08/2024, 22:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mspass.chm

  • Size

    14KB

  • MD5

    afd4f337dec351cf873d71de99cc70f7

  • SHA1

    5336e36fc33e58242932c792fecad4b81f7b43b9

  • SHA256

    790ba40189b9dbcca519bd8014a3078558dcdab56dbe48ef56aa4653e34860b9

  • SHA512

    317fc03fd4d9e8f46cf260a2f511df488e4d351286f6822557e4f2a7721d54fa375514901d8c1b18f134921be67df64ce8757a9c0c4696603094e22840e3bacc

  • SSDEEP

    96:AzfjLrvWDur0JVuJx3fku51d5NFZP6d1o2o03uJQ1MvvRBiqgwETZJPDVZWb4:ArPrWD3JYjkubvp6Dzo0+eMDKlJDz

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\mspass.chm
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads