Overview

overview

10

Static

static

7

UMPTOOL V4...ge.dll

windows7-x64

3

UMPTOOL V4...ge.dll

windows10-2004-x64

3

UMPTOOL V4...ol.exe

windows7-x64

1

UMPTOOL V4...ol.exe

windows10-2004-x64

3

AutoRun.exe

windows7-x64

3

AutoRun.exe

windows10-2004-x64

3

AutoSvr.exe

windows7-x64

6

AutoSvr.exe

windows10-2004-x64

6

Loader.exe

windows7-x64

10

Loader.exe

windows10-2004-x64

6

PlayMedia.exe

windows7-x64

3

PlayMedia.exe

windows10-2004-x64

3

UMPTOOL V4...in.exe

windows7-x64

7

UMPTOOL V4...in.exe

windows10-2004-x64

7

UMPTOOLV4....ge.dll

windows7-x64

3

UMPTOOLV4....ge.dll

windows10-2004-x64

3

UMPTOOLV4....ol.exe

windows7-x64

1

UMPTOOLV4....ol.exe

windows10-2004-x64

3

AutoRun.exe

windows7-x64

3

AutoRun.exe

windows10-2004-x64

3

AutoSvr.exe

windows7-x64

6

AutoSvr.exe

windows10-2004-x64

6

Loader.exe

windows7-x64

10

Loader.exe

windows10-2004-x64

6

PlayMedia.exe

windows7-x64

3

PlayMedia.exe

windows10-2004-x64

3

UMPTOOLV4....ol.exe

windows7-x64

3

UMPTOOLV4....ol.exe

windows10-2004-x64

3

芯邦量�...��.url

windows7-x64

1

芯邦量�...��.url

windows10-2004-x64

1

量产工�...25.pdf

windows7-x64

3

量产工�...25.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    98s
  • max time network
    20s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    20-10-2024 18:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    量产工具1027/CBM2080_Flash_Support_list_060925.pdf

  • Size

    147KB

  • MD5

    8745801b426fdc62241ea32863290ca3

  • SHA1

    1f3453097e004fe0150541f6e2773352ed08c978

  • SHA256

    23db3917b6fa0c076a5603c91978f1f940c3976b5ecf7071a64828f97145e7e3

  • SHA512

    07aaa82222af4c21650e786ed1ca6836bd54c8c1b7586999f3dec814702b508d04206c91ea818f30abc300a8edc704a2f4a3e4fb053f4c3ba8fd3342eb0d7bb5

  • SSDEEP

    3072:DqJOE+OycJTxcWLRduK/XYe2dBsHPNXjOAXB/TCUJx17MN1/n8ljmRKyV+:DRE+OycjckIeescy/TCso1EloY

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\量产工具1027\CBM2080_Flash_Support_list_060925.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    1553b9a7a887d3f4642f525a405a002f

    SHA1

    28fd783693df652a477068ea38942adf011b46ed

    SHA256

    8f124380955716d28811ee160d1b44b2a1b4646fffb0cd1fcf054d1d4c34286e

    SHA512

    79ab5b62a09ec462e25255401050c074f7e160a9571240b319a4f119f47930996002c5ed47c09452715ae39d66cbb9ea4746726b58a1ab80388771dcd10862cb

    Download Submit