6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3 | Triage

Analysis

max time kernel
68s
max time network
122s
platform
windows10_x64
resource
win10
submitted
17/07/2020, 23:25

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe
Size

273KB
MD5

94668ed0e204cf6d2495f03eddea899b
SHA1

ab0aa3fa6bdbd093ff8f234e4e5b98efa03936ec
SHA256

6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3
SHA512

b6b10704032e7569c4651e5561323035d66aa6af8df0e2c7234c6e3ed1acd2cf5e83e186acec249b48b5a1e4457307b81332eeff2d295d95eb47a47e6ca2e083

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2512	6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe
2512	6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2512	6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe
2512	6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe
2512	6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe
2512	6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe

C:\Users\Admin\AppData\Local\Temp\6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe
"C:\Users\Admin\AppData\Local\Temp\6949127e619d96e4983c61c989c8a460154166f0dca9f780efdf33899046e6c3.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:2512

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2512-0-0x0000000002260000-0x000000000226C000-memory.dmp

Filesize
48KB

Download