f15c44f5e0edbc24d48862f40412298c4858d2884a91b66bf258466a744873b6

Analysis

max time kernel
13s
max time network
17s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
10-02-2025 12:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Lang/Bg/help.chm
Size

2.4MB
MD5

81d7a3020a883a001e939439f92ceb1b
SHA1

15233d9410b71f0194768c887aa670fbf9f82074
SHA256

96e1d5840721f2cbc550398200700a7a65a4da7447f5972e5ff3eddb606ddf5a
SHA512

6825abe057fcdd98333859faad9c9c564822e33dbb986ce23cae420109e7d691a4c6252cb1c4600af44a517e7f10799e6be0046bc7fd68715fca35fe1b83cf6f
SSDEEP

49152:MGyQ7DUqTPYtIC+5MN268D2MfW9ERlK0NfisauWFk0Nt54vu3bnw:MGZHPPYttOMv8SMOExisYjyu3Tw

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2703099537-420551529-3771253338-1000\Software\Microsoft\Internet Explorer\Main	hh.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2308	hh.exe
2308	hh.exe

C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\Lang\Bg\help.chm
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2308

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads