Overview

overview

10

Static

static

3

JaffaCakes...d8.exe

windows7-x64

7

JaffaCakes...d8.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

AIPR.exe

windows7-x64

10

AIPR.exe

windows10-2004-x64

10

aipr.chm

windows7-x64

1

aipr.chm

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-01-2025 11:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aipr.chm

  • Size

    72KB

  • MD5

    b20c33a2ea94ea2283d3d46c5717ad1d

  • SHA1

    e7731c44df2836d4ff09c764588b04e9b1f90030

  • SHA256

    7d81b54340949294e6a6947f4ebc0383e865d39ae54887ea65b68606cd5da97a

  • SHA512

    688c516e19f5db5e08b4e57ba18f72aaabc0d5c60d0927f0e09cffda601f2d933b1c6e5e937c6a8aa7b5dc74f18d5f98142d0df87fd77503040385bc05615f78

  • SSDEEP

    1536:anSR+Yvhz1f0b2IqQ6AuxYcOe6WzukBlWUFbfjqJ9:aSTZz1cYhj5OeHCkBlWSnqJ9

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Windows\hh.exe
    "C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\aipr.chm
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads