Overview

overview

10

Static

static

7

Shut Down ...lp.chm

windows7-x64

1

Shut Down ...lp.chm

windows10-2004-x64

1

Shut Down ...md.exe

windows7-x64

1

Shut Down ...md.exe

windows10-2004-x64

3

Shut Down ...rv.exe

windows7-x64

3

Shut Down ...rv.exe

windows10-2004-x64

3

Shut Down ...wn.exe

windows7-x64

10

Shut Down ...wn.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    13s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    08/09/2024, 23:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Shut Down Expert/Help.chm

  • Size

    360KB

  • MD5

    6928480e58bf85c8fa54201d17df2abe

  • SHA1

    cd5ae880baac26e4c14f49f14bc3100cd798f429

  • SHA256

    c9e01953c13cc23f526a7769dc9ac0d748b93c624f009ad2a46ea5e6f3f04cb4

  • SHA512

    16a62a36e351f068779a9d50030349cf86382782a628ce5b6efcff5d4f02e8dfced42c6945dfbf3b1289b3df557521a33a941954a9e20ffcfebdd6450776dcee

  • SSDEEP

    6144:ntM5ZkKBCoulWbZGW32J2MfwuC3iHHsWEui/5iNWLjawepJtpVURyGoPvve88DMG:tMLknd2ZGP2EwuC3iHMWEJhfvawejHG5

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" "C:\Users\Admin\AppData\Local\Temp\Shut Down Expert\Help.chm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:3060

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3060-22-0x000007FFFFF90000-0x000007FFFFFA0000-memory.dmp

    Filesize

    64KB

    Download