Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/10/2024, 21:38

General

  • Target

    menghuanxiyouguaji/梦幻西游挂机辅助器 v1.0.exe (the filename translates to "Fantasy Westward Journey auto-play helper v1.0")

  • Size

    707KB

  • MD5

    f76c112a9d003238e487f5ba65702869

  • SHA1

    22e7ed08a8d4ba466d74ed5b00759304650d1aac

  • SHA256

    8ce183249618557e123306c0b420d1caf2d35aad10f8695a0be83a7a1b7c857e

  • SHA512

    f8771f519618cb337ec4745e37ece1d9e849d683cb005e60709b131a4042978f187aadf195144cfbd0a21b19e5277544c92acd9d2b7e64b6aed4f30aca38f9aa

  • SSDEEP

    12288:rJzCQyROKoDsTgWP75HphyvNNUxAL5ioOaEOexmY35kh+/AQY3NLBKkgbe2EW5kH:NLY75fyb1hqxhS70Q2ZkaA

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery (1 TTP, 1 IoC)

    Attempts to gather information about the system language of the victim host in order to infer its geographical location. On its own this is a weak indicator: localized applications, including game utilities such as this one, routinely query the UI language, so it should be weighed together with the absence of any other behavioural or network signatures in this run.

Processes

  • C:\Users\Admin\AppData\Local\Temp\menghuanxiyouguaji\梦幻西游挂机辅助器 v1.0.exe
    "C:\Users\Admin\AppData\Local\Temp\menghuanxiyouguaji\梦幻西游挂机辅助器 v1.0.exe"
    • System Location Discovery: System Language Discovery
    PID:1684

Network

        MITRE ATT&CK Enterprise v15


        Downloads

        • memory/1684-0-0x0000000000400000-0x0000000000418000-memory.dmp

          Filesize

          96KB

        • memory/1684-1-0x00000000001B0000-0x00000000001B1000-memory.dmp

          Filesize

          4KB

        • memory/1684-2-0x0000000000400000-0x0000000000418000-memory.dmp

          Filesize

          96KB

        • memory/1684-3-0x0000000000400000-0x0000000000418000-memory.dmp

          Filesize

          96KB
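The memory dumps above are the only execution artifacts the report records: the same 0x00400000–0x00418000 range was captured three times (indices 0, 2 and 3), a single 4KB page at 0x001B0000 once, and the 96KB mapped image is far smaller than the 707KB file on disk. The following script, added here as an example and not part of the sandbox's own tooling, parses dump names in the report's `memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp` layout, checks each address range against the rounded Filesize, groups repeated captures of the same range, and estimates how much of the file was never mapped. The dump names and sizes are copied from this report; the use of the MSVC default image bases (0x00400000 for 32-bit, 0x140000000 for 64-bit) to pick out the main image, and the overlay reading of the on-disk gap, are heuristics assumed by this example.

```python
"""Sanity-check the memory-dump list from a sandbox report (added example)."""
import re
from collections import defaultdict
from dataclasses import dataclass

# Dump-name layout used in the report: memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp
DUMP_NAME = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<index>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

# Default ImageBase values the MSVC linker assigns to 32-bit and 64-bit EXEs (heuristic).
DEFAULT_IMAGE_BASES = {0x00400000, 0x140000000}


@dataclass(frozen=True)
class DumpRegion:
    pid: int
    index: int
    start: int
    end: int

    @property
    def size(self) -> int:
        return self.end - self.start


def parse_dump_name(name: str) -> DumpRegion:
    """Split a dump filename into PID, capture index and address range."""
    m = DUMP_NAME.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name!r}")
    return DumpRegion(int(m["pid"]), int(m["index"]), int(m["start"], 16), int(m["end"], 16))


def filesize_matches(region: DumpRegion, reported_kb: int) -> bool:
    """The report rounds Filesize to whole KB; the address range gives the exact byte count."""
    return region.size == reported_kb * 1024


def group_by_range(regions):
    """Map each distinct address range to the capture indices that dumped it.

    The same range appearing several times means the sandbox re-captured the
    region after its contents changed (self-modifying code, unpacking, etc.).
    """
    groups = defaultdict(list)
    for r in regions:
        groups[(r.start, r.end)].append(r.index)
    return dict(groups)


def likely_image_regions(regions):
    """Regions starting at a default linker ImageBase are most likely the main PE image."""
    return [r for r in regions if r.start in DEFAULT_IMAGE_BASES]


def unmapped_bytes(file_size_kb: int, image_size: int) -> int:
    """Bytes on disk not covered by the mapped image.

    A gap many times the image size points to an overlay appended after the
    last section (resources, an embedded archive, a packer payload). Heuristic.
    """
    return max(0, file_size_kb * 1024 - image_size)


# Constructed from the report above: (dump name, reported Filesize in KB).
REPORT_DUMPS = [
    ("memory/1684-0-0x0000000000400000-0x0000000000418000-memory.dmp", 96),
    ("memory/1684-1-0x00000000001B0000-0x00000000001B1000-memory.dmp", 4),
    ("memory/1684-2-0x0000000000400000-0x0000000000418000-memory.dmp", 96),
    ("memory/1684-3-0x0000000000400000-0x0000000000418000-memory.dmp", 96),
]
REPORT_FILE_SIZE_KB = 707  # "Size" field from the General section


def analyse(dumps=REPORT_DUMPS, file_size_kb=REPORT_FILE_SIZE_KB) -> dict:
    """Return the checks a triager wants from the dump list in one dict."""
    regions = [parse_dump_name(name) for name, _ in dumps]
    mismatches = [name for (name, kb), r in zip(dumps, regions) if not filesize_matches(r, kb)]
    image = likely_image_regions(regions)
    image_size = image[0].size if image else 0
    return {
        "pids": sorted({r.pid for r in regions}),
        "filesize_mismatches": mismatches,
        "ranges": group_by_range(regions),
        "image_base": image[0].start if image else None,
        "image_size": image_size,
        "unmapped_bytes": unmapped_bytes(file_size_kb, image_size),
    }


if __name__ == "__main__":
    for key, value in analyse().items():
        print(f"{key}: {value}")
```

Run against this report, the 0x00400000 base and 0x18000 (96KB) size are consistent with the `arch:x86` tag and a small 32-bit image; the roughly 610KB of unmapped data is what to carve out of the original file next, since none of it was captured in the dumps.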