s2hco5ujig[.]xyz[:]443 | Triage

Analysis

max time kernel
77s
max time network
120s
platform
windows10_x64
resource
win10
submitted
12-07-2020 09:48

Sharing

Report Analysis Logs

General

Target

s2hco5ujig.xyz:443
Sample

200712-2ncavgbr5e

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

OpenWith.exe

pid process

3832 OpenWith.exe
Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

OpenWith.exe

pid process

3832 OpenWith.exe
Modifies registry class 1 IoCs

Processes:

explorer.exe

description ioc process

Key created \REGISTRY\USER\S-1-5-21-2066881839-3229799743-3576549721-1000_Classes\Local Settings explorer.exe

C:\Windows\explorer.exe
explorer s2hco5ujig.xyz:443
1⤵
PID:3100

C:\Windows\explorer.exe
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
1⤵
- Modifies registry class
PID:3064

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: GetForegroundWindowSpam
PID:3832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...