d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc | Triage

Analysis

max time kernel
117s
max time network
131s
platform
windows10_x64
resource
win10
submitted
17-07-2020 23:56

Sharing

Report Analysis Logs

General

Target

d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe
Size

273KB
MD5

66c7502b09828661d6c27e4a03cb7c68
SHA1

771f2ec7815e7bb4918b667ce02136410f14f8d6
SHA256

d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc
SHA512

277fa1c53a0a801778d0ec5f6b6fd8bb024cdbcecba81546c6b56aee2fcd625256e27fedca6886dd178c649bade99d9141cf5e696c2943df369dfb929b568e1c

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4092	d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe
4092	d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4092	d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe
4092	d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe
4092	d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe
4092	d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe

C:\Users\Admin\AppData\Local\Temp\d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe
"C:\Users\Admin\AppData\Local\Temp\d02fd08ae680847888cd8c48bdd235e528a88447a8eed1cfc394ed0a2df6d6dc.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:4092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4092-0-0x0000000002340000-0x000000000234C000-memory.dmp

Filesize
48KB

Download