5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac | Triage

Analysis

max time kernel
110s
max time network
124s
platform
windows10_x64
resource
win10
submitted
17-07-2020 22:34

Sharing

Report Analysis Logs

General

Target

5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe
Size

273KB
MD5

cb01815e0e678d73b5d99339e808c788
SHA1

1d1ed2b02e114a76204de6fcae39262115679bab
SHA256

5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac
SHA512

6addc53493e77597ea6f066758e76b494c79624c845629ce07ac6e5a6cf541317027b3760cb3d41010317e0ea7c501fc0eeed0dd7f5cbc6068661f530671d813

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3020	5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe
3020	5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3020	5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe
3020	5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe
3020	5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe
3020	5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe

C:\Users\Admin\AppData\Local\Temp\5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe
"C:\Users\Admin\AppData\Local\Temp\5e2ccffbaea3ef49de145a0ffdb5010933473860c307c4b89c153b62718652ac.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:3020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3020-0-0x0000000002120000-0x000000000212C000-memory.dmp

Filesize
48KB

Download