11289a622930f7cf2208df85f56e5c3c663a709327ca9a2dd88c2ff13b411ba3 | Triage

Analysis

max time kernel
64s
max time network
151s
platform
windows10_x64
resource
win10v200430
submitted
13-07-2020 08:05

Sharing

Report Analysis Logs

General

Target

Emotet (1).bin.exe
Size

108KB
MD5

fcac43fac9c9ac9f936046a9e769c6f1
SHA1

225603e68e45012fa04b3ba0087702b8f220abe7
SHA256

11289a622930f7cf2208df85f56e5c3c663a709327ca9a2dd88c2ff13b411ba3
SHA512

bb003ab9bfb046a0b2866360cd3501bae1a693530573fa52918e368d6d61db4da7d5e88e7317953d13a5fc08185f08f59629de370b3ba8633130cb5454390e8f

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

Emotet (1).bin.exe

pid process

1008 Emotet (1).bin.exe
1008 Emotet (1).bin.exe
Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

Emotet (1).bin.exe

pid process

1008 Emotet (1).bin.exe
1008 Emotet (1).bin.exe
1008 Emotet (1).bin.exe
1008 Emotet (1).bin.exe

C:\Users\Admin\AppData\Local\Temp\Emotet (1).bin.exe
"C:\Users\Admin\AppData\Local\Temp\Emotet (1).bin.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:1008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1008-0-0x00000000022F0000-0x00000000022FE000-memory.dmp

Filesize
56KB

Download
memory/1008-1-0x0000000002300000-0x000000000230C000-memory.dmp

Filesize
48KB

Download