Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
18/10/2024, 06:47
General
-
Target
华子易语言版任意开后台极速发喇叭工具-QQ1091071877.exe
-
Size
624KB
-
MD5
a038abca52df4a8e26492d717eb154ed
-
SHA1
b9a9b220c6c9919a22763716c86c70b7a70b2b2c
-
SHA256
aa4a52edff739e30961fed53ce38a395e33280c80ce9d8bc7a8d94db0d1476ed
-
SHA512
bf2c5b5a27ec71eb3f6b6cb2a5f52e5c0ed7aa66f23064591f7ce525e902622fd7ad9fb1b906cb2fd005b459f8429a0f50fbd2754061f22d161f5232b66615f4
-
SSDEEP
12288:4DbCEd99S8EKIiUBMgGK1JV66AdjOM1QKs:4D2fKTUegGK1H66COMiKs
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\华子易语言版任意开后台极速发喇叭工具-QQ1091071877.exe"C:\Users\Admin\AppData\Local\Temp\华子易语言版任意开后台极速发喇叭工具-QQ1091071877.exe"1⤵
- System Location Discovery: System Language Discovery
- Suspicious use of SetWindowsHookEx