Overview

overview

3

Static

static

3

155绿色�...��.url

windows7-x64

1

155绿色�...��.url

windows10-2004-x64

1

ICSharpCod...ib.dll

windows7-x64

1

ICSharpCod...ib.dll

windows10-2004-x64

1

Interop.Qu...ib.dll

windows7-x64

1

Interop.Qu...ib.dll

windows10-2004-x64

1

Jayrock.Json.dll

windows7-x64

1

Jayrock.Json.dll

windows10-2004-x64

1

Jayrock.dll

windows7-x64

1

Jayrock.dll

windows10-2004-x64

1

Jint.dll

windows7-x64

1

Jint.dll

windows10-2004-x64

1

Microsoft.mshtml.dll

windows7-x64

1

Microsoft.mshtml.dll

windows10-2004-x64

1

UpdateOnline.exe

windows7-x64

1

UpdateOnline.exe

windows10-2004-x64

1

log4net.dll

windows7-x64

1

log4net.dll

windows10-2004-x64

1

mymsg.htm

windows7-x64

3

mymsg.htm

windows10-2004-x64

3

skincrafte...05.dll

windows7-x64

3

skincrafte...05.dll

windows10-2004-x64

3

对时软件.exe

windows7-x64

3

对时软件.exe

windows10-2004-x64

3

算法小�...��.exe

windows7-x64

1

算法小�...��.exe

windows10-2004-x64

3

蹭饭小黑.exe

windows7-x64

1

蹭饭小黑.exe

windows10-2004-x64

1

运行不�...��.exe

windows7-x64

3

运行不�...��.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    145s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17/08/2024, 01:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    UpdateOnline.exe

  • Size

    51KB

  • MD5

    03d3d8dc528caf56ecc4f7e66dc4bf52

  • SHA1

    925716a99829df1d87655aed5b678a940746f3a4

  • SHA256

    43be7ef2cfa4e2d03b094ce8c9d9b39c94286bb8917548fbe7f9f6f442cd86b6

  • SHA512

    ea3346c2e0a53cbf6ce902a8c4f85de6470283ca3febf827fb0bc698907a7b19e0e41038deecba14e784dcceebfdd038d62bfd0d860dc5fd22c417fc32689342

  • SSDEEP

    768:zVJp7gvUSYwZLHSK9Hj6giPB0tZ5IJJYIbzuuo+PB0tZ5IJJYIbzuuoN:dgvHZLF9H+g/MJYEup7MJYEupN

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\UpdateOnline.exe
    "C:\Users\Admin\AppData\Local\Temp\UpdateOnline.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2484-0-0x00007FFCC9025000-0x00007FFCC9026000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2484-1-0x00007FFCC8D70000-0x00007FFCC9711000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2484-2-0x000000001B8B0000-0x000000001BD7E000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/2484-3-0x000000001BE20000-0x000000001BEBC000-memory.dmp

    Filesize

    624KB

    Download

  • memory/2484-4-0x00007FFCC8D70000-0x00007FFCC9711000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2484-5-0x0000000000D70000-0x0000000000D78000-memory.dmp

    Filesize

    32KB

    Download

  • memory/2484-6-0x00007FFCC8D70000-0x00007FFCC9711000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2484-7-0x00007FFCC8D70000-0x00007FFCC9711000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2484-8-0x00007FFCC8D70000-0x00007FFCC9711000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2484-9-0x00007FFCC8D70000-0x00007FFCC9711000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2484-10-0x00007FFCC8D70000-0x00007FFCC9711000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2484-11-0x00007FFCC9025000-0x00007FFCC9026000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2484-12-0x00007FFCC8D70000-0x00007FFCC9711000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2484-17-0x00000000217B0000-0x0000000021F56000-memory.dmp

    Filesize

    7.6MB

    Download

  • memory/2484-26-0x0000000021F60000-0x0000000022417000-memory.dmp

    Filesize

    4.7MB

    Download