633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893 | Triage

Analysis

max time kernel
70s
max time network
123s
platform
windows10_x64
resource
win10
submitted
17/07/2020, 16:10

Sharing

Report Analysis Logs

General

Target

633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe
Size

228KB
MD5

c81c55bd0437de2b2e40b0a9be766b89
SHA1

288d939b037fcefd21d7c758ef3a211eb5f3675b
SHA256

633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893
SHA512

20d219f7a080f2eb1b682c80a8209430baa05dbd4acb502647928557938cf8d554e73e85e9e77a3238af268204eb3241ebdfab772a40ccfd46be22923601e5dd

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2964	633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe
2964	633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2964	633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe
2964	633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe
2964	633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe
2964	633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe

C:\Users\Admin\AppData\Local\Temp\633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe
"C:\Users\Admin\AppData\Local\Temp\633f64761e8597ecbecb75c5ffd87b459e4b2bee142f6afd2041685143a4b893.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:2964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2964-0-0x00000000022E0000-0x00000000022EC000-memory.dmp

Filesize
48KB

Download