Overview

overview

6

Static

static

3

新建文�...up.exe

windows7-x64

3

新建文�...up.exe

windows10-2004-x64

3

新建文�...il.exe

windows7-x64

3

新建文�...il.exe

windows10-2004-x64

3

新建文�...Io.dll

windows7-x64

3

新建文�...Io.dll

windows10-2004-x64

新建文�...Io.sys

windows7-x64

1

新建文�...Io.sys

windows10-2004-x64

1

新建文�...px.sys

windows7-x64

1

新建文�...px.sys

windows10-2004-x64

1

新建文�...GP.dll

windows7-x64

3

新建文�...GP.dll

windows10-2004-x64

3

新建文�...GP.dll

windows7-x64

3

新建文�...GP.dll

windows10-2004-x64

3

新建文�...px.sys

windows7-x64

1

新建文�...px.sys

windows10-2004-x64

1

新建文�...st.exe

windows7-x64

6

新建文�...st.exe

windows10-2004-x64

6

新建文�...ch.exe

windows7-x64

3

新建文�...ch.exe

windows10-2004-x64

3

新建文�...st.exe

windows7-x64

4

新建文�...st.exe

windows10-2004-x64

4

新建文�...Io.dll

windows7-x64

3

新建文�...Io.dll

windows10-2004-x64

3

新建文�...Io.sys

windows7-x64

1

新建文�...Io.sys

windows10-2004-x64

1

新建文�...px.sys

windows7-x64

1

新建文�...px.sys

windows10-2004-x64

1

新建文�...GP.dll

windows7-x64

3

新建文�...GP.dll

windows10-2004-x64

3

新建文�...GP.dll

windows7-x64

3

新建文�...GP.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    10/08/2024, 07:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    新建文件夹/Sis_agp117e/AGP/current/WINXP/sisagpx.sys

  • Size

    36KB

  • MD5

    61ca562def09a782d26b3e7edec5369a

  • SHA1

    73e0ee7a0a4f00ae3a8f3a5548957726e6c09cf8

  • SHA256

    3d9be60239ed8fed64c92b013adb6b880aef353b2f8ea28f69c0e09482b5a722

  • SHA512

    2aceb1c0c9a5eaa0fae8cac4b7f5208abb8f0e352c057d50d797857b29af2a4277b82f326bb18e514019226da75151fdb35d4c53cd2266fb27a69cf0de8eef36

  • SSDEEP

    768:+5ltDx/pty1iXwyzvr3uH0hLpzBZ4UyfI:ejDty1avreHKL1cUyfI

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\新建文件夹\Sis_agp117e\AGP\current\WINXP\sisagpx.sys
    1⤵
      PID:2568
      • C:\Users\Admin\AppData\Local\Temp\新建文件夹\Sis_agp117e\AGP\current\WINXP\sisagpx.sys
        C:\Users\Admin\AppData\Local\Temp\新建文件夹\Sis_agp117e\AGP\current\WINXP\sisagpx.sys
        2⤵
          PID:1532

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads