Overview

overview

7

Static

static

3

ea8f6dfab4...18.exe

windows7-x64

7

ea8f6dfab4...18.exe

windows10-2004-x64

7

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...lp.dll

windows7-x64

3

$PLUGINSDI...lp.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/Detect64.exe

windows7-x64

1

$TEMP/Detect64.exe

windows10-2004-x64

3

ClearOptions.exe

windows7-x64

3

ClearOptions.exe

windows10-2004-x64

3

DarkWave.chm

windows7-x64

1

DarkWave.chm

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

x64/DarkWa...io.exe

windows7-x64

1

x64/DarkWa...io.exe

windows10-2004-x64

1

x64/PlugIn...es.dll

windows7-x64

1

x64/PlugIn...es.dll

windows10-2004-x64

1

x86/DarkWa...io.exe

windows7-x64

3

x86/DarkWa...io.exe

windows10-2004-x64

3

x86/OpenAsio.dll

windows7-x64

3

x86/OpenAsio.dll

windows10-2004-x64

3

x86/PlugIn...es.dll

windows7-x64

3

x86/PlugIn...es.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    94s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/09/2024, 04:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    DarkWave.chm

  • Size

    19KB

  • MD5

    28a9af166fd24775fc407b7fe1c2b68a

  • SHA1

    3b1825f615506593d2257927ae8d856300536ce3

  • SHA256

    71aae12b2adb1cb4cb6c45de4d5e0c7fa3062ae1ea570001ce608f45c8907f78

  • SHA512

    fee13f484009716e3379b0097d66d462616ba59f1dfcc45f73bcfa4f3c4c413d9e79eb98d6aa39a7533ebfa379a4615b976a84130b6bed764ad07a845338b496

  • SSDEEP

    192:6KiSc57hdme+cRRGHNk7j32I9Wd1GYuiVtgjMPHHAqDbcuO46eJvvnPblYg9tinG:6KithsTq3FQ1G1iDxbjP9JnnDb9oyl

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\DarkWave.chm
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads