f9d60cdf400e209a3184c76e1ac382fd56dc6cb0ed48788cbb18201dea087fa7 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

新建文�...86.dll

windows7-x64

3

新建文�...86.dll

windows10-2004-x64

3

新建文�...64.sys

windows10-2004-x64

1

新建文�...ca.exe

windows7-x64

3

新建文�...ca.exe

windows10-2004-x64

3

新建文�...ub.dll

windows7-x64

3

新建文�...ub.dll

windows10-2004-x64

3

新建文�...b9.dll

windows7-x64

3

新建文�...b9.dll

windows10-2004-x64

3

新建文�...ca.exe

windows7-x64

1

新建文�...ca.exe

windows10-2004-x64

3

新建文�...32.dll

windows7-x64

3

新建文�...32.dll

windows10-2004-x64

3

新建文�...et.exe

windows7-x64

1

新建文�...et.exe

windows10-2004-x64

1

Analysis

max time kernel
90s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
05/09/2024, 16:14

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

新建文件夹/SecurityCore_x86.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

新建文件夹/SecurityCore_x86.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral3

Sample

新建文件夹/WinDivert64.sys

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

新建文件夹/inst_ca.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral5

Sample

新建文件夹/inst_ca.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

新建文件夹/libeaio_stub.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

新建文件夹/libeaio_stub.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

新建文件夹/libeaio_stub9.dll

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

新建文件夹/libeaio_stub9.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

新建文件夹/netproxy_instca.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

新建文件夹/netproxy_instca.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

新建文件夹/printerhook32.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral13

Sample

新建文件夹/printerhook32.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

新建文件夹/sfwget.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

新建文件夹/sfwget.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

新建文件夹/sfwget.exe
Size

3.7MB
MD5

ea8ee16588b1750a84e85d5d9e86750d
SHA1

c8df50c5cd93c3fd8c6aba99fdf9cd7c93e44918
SHA256

dfdbabfde6981bc003587ab7cc372c211ebf59c10264e475a784b4d17182ff08
SHA512

2300a7ed83faa96a6410aeb16413431071a42cafac75e611284dc41f12a3971fead2c14398c76af9caa943bf98241cdb5118f2ca1211005aa75898f6d293975f
SSDEEP

98304:WbPk5HyUN8k5h/wDdEoNiV4I/hwAf1wAoTamiDAMgS:WbPk5HyC8k5h/wDdEoNiV4I/WWwA7mFS

Score

1^/10

Malware Config

Signatures

Processes

C:\Users\Admin\AppData\Local\Temp\新建文件夹\sfwget.exe
"C:\Users\Admin\AppData\Local\Temp\新建文件夹\sfwget.exe"
1⤵
PID:3012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3012-1-0x0000000000401000-0x00000000006CA000-memory.dmp

Filesize
2.8MB

Download
memory/3012-0-0x0000000000400000-0x00000000007C6000-memory.dmp

Filesize
3.8MB

Download
memory/3012-2-0x0000000000400000-0x00000000007C6000-memory.dmp

Filesize
3.8MB

Download

© 2018-2025

Terms | Privacy