Overview

overview

7

Static

static

3

dbbaae6190...18.exe

windows7-x64

7

dbbaae6190...18.exe

windows10-2004-x64

7

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...ge.dll

windows7-x64

3

$PLUGINSDI...ge.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$WINDIR/ls...py.cmd

windows7-x64

1

$WINDIR/ls...py.cmd

windows10-2004-x64

1

LingvoSoft...ar.chm

windows7-x64

1

LingvoSoft...ar.chm

windows10-2004-x64

1

LingvoSoft...fo.chm

windows7-x64

1

LingvoSoft...fo.chm

windows10-2004-x64

1

LingvoSoft...lp.chm

windows7-x64

1

LingvoSoft...lp.chm

windows10-2004-x64

1

LingvoSoft...te.url

windows7-x64

1

LingvoSoft...te.url

windows10-2004-x64

1

LingvoSoft...ll.exe

windows7-x64

7

LingvoSoft...ll.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

00lsFRAR.html

windows7-x64

3

00lsFRAR.html

windows10-2004-x64

3

LD069D~1.html

windows7-x64

3

LD069D~1.html

windows10-2004-x64

3

LD13C4~1.html

windows7-x64

3

LD13C4~1.html

windows10-2004-x64

3

Analysis

  • max time kernel
    92s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-09-2024 03:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    LingvoSoft Dictionary 2008 (French-Arabic) for Pocket PC/LingvoSoft Dictionary 2008 Help.chm

  • Size

    327KB

  • MD5

    160a97272bd2e78d91ba800280bb5a8f

  • SHA1

    8d7a13ef781dcf403bc4b5d364858405104026a1

  • SHA256

    98568e7068b06876f914d3e5d3a21e2282113e8d62aa5f9a2fbb935f02d8bbf3

  • SHA512

    4731d1c59dfc8e90db6d7a6814515bdbd9511c65e2d9963e0974e1930261e3b2f4aa890c835301d442df53b0db6359909e1bf4200c5c87271cfef596afe67b6b

  • SSDEEP

    6144:hSt6PDPMLy6c6OvhkzTmLQKEqDAmHqs0mxA8QXNMfCPZfqN6jXUZuj0XMaNI0Xyf:Mt6556ihcKEMTHqexAmjWXULv3Xyf

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" "C:\Users\Admin\AppData\Local\Temp\LingvoSoft Dictionary 2008 (French-Arabic) for Pocket PC\LingvoSoft Dictionary 2008 Help.chm"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads