Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/09/2024, 12:05

General

  • Target

    WinTools.net Ultimate/Help/russian.chm

  • Size

    20KB

  • MD5

    e737d9e11b0fbdc58d6ebd4ee260f37e

  • SHA1

    98d4e2ad464c136e3b10bec39c28feae3b352091

  • SHA256

    342837b87ad0f80a9b49d29c73139942840c7a7c3509ff9afd65b918245d8ca0

  • SHA512

    b0291c88643b2b4eff3320b026be5266af0fa1f713a3938bb7f3356aa3935885ce821f6205226d14427645e90b9eee670d4f1ac8c0149b0d7d6786fc0bc2e282

  • SSDEEP

    192:GsBc397nafjwHgvcJlU7SOiIcY33mKG7sGBNgAJAa60g34riigo3XddgdVv:GiU5ssHg0Jq8IcY32K7GHJlzic3XnsVv

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" "C:\Users\Admin\AppData\Local\Temp\WinTools.net Ultimate\Help\russian.chm"
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:1404

Network

MITRE ATT&CK Enterprise v15
