bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9 | Triage

Analysis

max time kernel
118s
max time network
124s
platform
windows10_x64
resource
win10
submitted
17/07/2020, 17:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe
Size

276KB
MD5

942e04e52ff4fbb08cd1e977015bda7b
SHA1

07610bed8413b38505cb8ce7f4edaa31ea6e336b
SHA256

bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9
SHA512

d9cf09dd0bff064dbf4fbc791bfa4a8653d1eda60c57ceb86928370466150126fdbffca9c38a9bf183942aa681a22906bcac6c5369b9f701baf923e4d63419f4

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3104	bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe
3104	bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe
3104	bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe
3104	bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3104	bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe
3104	bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe

C:\Users\Admin\AppData\Local\Temp\bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe
"C:\Users\Admin\AppData\Local\Temp\bd330efb0d592f2942426347087f8be347bc657ca308b30ae9b488112b8d81a9.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:3104

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3104-0-0x00000000021D0000-0x00000000021DC000-memory.dmp

Filesize
48KB

Download