Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240903-en locale:en-us os:windows7-x64 system
  • submitted
    23-11-2024 16:59

General

  • Target

    Crypto Ripper + reFUD pack/Crypto Obfuscator For .Net 2013/CryptoObfuscator.chm

  • Size

    812KB

  • MD5

    a444d1418acc12ef2828a1f70e93f6ff

  • SHA1

    b73bb3fc0fa75038f1d10f8f29a95d88d1d5edb8

  • SHA256

    a1f64fa4835b87a6eded7d46944278f7f9a5455a9eae5b314890afedbcc24119

  • SHA512

    5198ba91e782f0ad52deb46950680bff36a1e6a922d49bee0b55fd82e32f0cb3068eceb3550a00435a566c30b30151829cb8cc034efda9419f9245f8c658e2b4

  • SSDEEP

    24576:ZXH0fRSDIUpZru/nd+XKDPSr/WjzjpOgG+ae:ZkfRoZru/nAXKjWGXpOx+ae

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 1 IoC)
  • Suspicious use of SetWindowsHookEx (2 IoCs)

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" "C:\Users\Admin\AppData\Local\Temp\Crypto Ripper + reFUD pack\Crypto Obfuscator For .Net 2013\CryptoObfuscator.chm"
    • Modifies Internet Explorer settings
    • Suspicious use of SetWindowsHookEx
    PID:1992

Network

MITRE ATT&CK Enterprise v15
