6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073 | Triage

Analysis

max time kernel
129s
max time network
130s
platform
windows10_x64
resource
win10
submitted
17-07-2020 21:23

Sharing

Report Analysis Logs

General

Target

6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe
Size

276KB
MD5

c1fe870ce81180d4c207402c0dc79f31
SHA1

6211cd400f06c136791d9cae83f9d7b6a5433731
SHA256

6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073
SHA512

b2ce8bd88c5b827a048761afa337c98e71db3fd26553880c8fea4688199f98ef399a2221134384183ef8eae18ec3f70b3991f95a2a8563a5a98a4daf30548666

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3372	6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe
3372	6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3372	6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe
3372	6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe
3372	6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe
3372	6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe

C:\Users\Admin\AppData\Local\Temp\6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe
"C:\Users\Admin\AppData\Local\Temp\6c3af432e214e49b5f2cb7af4c8f7803ed70eba4e8de675f807b53e73c4cb073.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:3372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3372-0-0x0000000002250000-0x000000000225C000-memory.dmp

Filesize
48KB

Download