8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7 | Triage

Analysis

max time kernel
145s
max time network
148s
platform
windows10_x64
resource
win10v200430
submitted
17-07-2020 17:10

Sharing

Report Analysis Logs

General

Target

8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe
Size

276KB
MD5

68bc3a78858470181d86855039aefe6a
SHA1

c5289340b52028dc1435718d382a47edbc15ff64
SHA256

8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7
SHA512

a6a4502b39a26e1fba4d5e9a325b75ffc2902c98a9d166d88054e5446e8619ca58b65f4fde7b4aaf219faff26bd0a9f178c7f986e5ce506543594d489c6eb76a

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
756	8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe
756	8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
756	8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe
756	8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe
756	8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe
756	8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe
756	8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe
756	8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe

C:\Users\Admin\AppData\Local\Temp\8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe
"C:\Users\Admin\AppData\Local\Temp\8db2c95632b40a845533c3fbc1872a049772d1374cd01e753e4bf5acdd0059a7.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/756-0-0x00000000021D0000-0x00000000021DC000-memory.dmp

Filesize
48KB

Download