f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d | Triage

Analysis

max time kernel
141s
max time network
142s
platform
windows10_x64
resource
win10
submitted
17-07-2020 21:35

Sharing

Report Analysis Logs

General

Target

f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe
Size

276KB
MD5

229a90781d54cb6ce8a0f02b7708640b
SHA1

072fad3c4df7dc0399be21f79406b300a84214c3
SHA256

f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d
SHA512

c15ed09fb1b30d55d455436f98eafdf1e3ee2466183c59e28a2f2ae8a8f328b484c6c751decd0721495247ab3b96d97eb73e05d181544a70116d6a5f2fe820a4

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe

Suspicious behavior: EmotetMutantsSpam 1 IoCs

pid	Process
3796	f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe

C:\Users\Admin\AppData\Local\Temp\f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe
"C:\Users\Admin\AppData\Local\Temp\f45d55b525d66d9006d16054b17732bebb50178b7e8ef4d3cc4c191cd538e68d.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: EmotetMutantsSpam
PID:3796

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3796-0-0x0000000002270000-0x000000000227C000-memory.dmp

Filesize
48KB

Download
memory/3796-1-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download