66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af | Triage

Analysis

max time kernel
135s
max time network
148s
platform
windows10_x64
resource
win10v200430
submitted
17/07/2020, 21:20

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe
Size

276KB
MD5

bcc24def64fb01197a7fd72bc44efc9c
SHA1

ee2696cf4e6e657387ad4648b35b9f337521c0c9
SHA256

66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af
SHA512

6f53b7b4d0a2357d1fe8eb4f4ba9dd81dfd5334393a26d6502a672bdd5e9f4886dc9cffdad8dafeb929e5bb9430f2ad08ae7f481aba4694e4c2240551073db3b

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe

Suspicious behavior: EmotetMutantsSpam 1 IoCs

pid	Process
1516	66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe

C:\Users\Admin\AppData\Local\Temp\66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe
"C:\Users\Admin\AppData\Local\Temp\66fd5e68a8f6dfa12b41e8d891f35b16825f16db5fef587b2d8714cb0f63b3af.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: EmotetMutantsSpam
PID:1516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1516-0-0x00000000021D0000-0x00000000021DC000-memory.dmp

Filesize
48KB

Download
memory/1516-1-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download