Overview

overview

7

Static

static

3

176b728c76...18.exe

windows7-x64

7

176b728c76...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

3

$R0.dll

windows10-2004-x64

3

HaoZip.chm

windows7-x64

1

HaoZip.chm

windows10-2004-x64

1

HaoZip.exe

windows7-x64

4

HaoZip.exe

windows10-2004-x64

3

HaoZipC.exe

windows7-x64

3

HaoZipC.exe

windows10-2004-x64

3

HaoZipUpdate.exe

windows7-x64

3

HaoZipUpdate.exe

windows10-2004-x64

3

lang/HaoZi...hs.dll

windows7-x64

3

lang/HaoZi...hs.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    103s
  • max time network
    107s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/10/2024, 11:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    HaoZip.chm

  • Size

    163KB

  • MD5

    74309dc7361642b6f9b796899b467c2b

  • SHA1

    742c190163efd3b594da20754822e556a921b80e

  • SHA256

    82e3dbcf5478eab913373bb2bfb9c464248a1803f5905f0fddd2315297fa5383

  • SHA512

    a1ab71d1ae469c8882ab3281addf3d97a982f873a8f47c10fe930188163bd1bc0ff02cf5cda70bf4d993faea0c3e206daf0b966dae125a5a52d23aa4c74c6943

  • SSDEEP

    3072:mhuIyDjh8PuRCakQzgQlibBqljt54yy20bSxegRoVoaVYlMluR/:m8jSEkQzg42c54c3xJRWpVs/

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\HaoZip.chm
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4420

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads