276f6452862905ab58e5f7bbcd2f97dde2d2b271aa6c9d44cf59d98a81d98dd5

Analysis

max time kernel
90s
max time network
17s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
07-09-2024 19:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

au.chm
Size

130KB
MD5

10af532ececf06746461cee478048194
SHA1

30818313412422b840da076c2bfc96f34e91195f
SHA256

9c7b25bfe19fd898ae95cf29e5f2a06e372ede356282595814a39e65a25bb746
SHA512

a090991a09ec5ba26811799be1ed03c81bd75092ff68805e4b2591ef676a8f0f4dafd46d52e9f7e849a64c3e66a76ab5ec189e80f73ae68e204b1b1e213c0025
SSDEEP

3072:YmHNtelgeQ4OtjMBEXATvCe0lgCAXJs7dKOzpu:YmHNMueLoM3jCe0lgVJZOzpu

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main	hh.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2744	hh.exe
2744	hh.exe

C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\au.chm
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads