68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2 | Triage

Analysis

max time kernel
131s
max time network
128s
platform
windows10_x64
resource
win10v200430
submitted
18-07-2020 11:46

Sharing

Report Analysis Logs

General

Target

68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe
Size

100KB
MD5

69a72ecb6e4d18a61d1a859cebf20f0d
SHA1

0fca5358660fb683697d7e4e5099f3346acdff8a
SHA256

68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2
SHA512

f551016dc39674955126813e23ce2dfcf0dd688b9cacabff229cdf91c6960544d65d879d7bcbe531cc93b237342dbea295f8ee71a9b3af098474273bdfcbdce7

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1068	68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe
1068	68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1068	68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe
1068	68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe
1068	68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe
1068	68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe

C:\Users\Admin\AppData\Local\Temp\68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe
"C:\Users\Admin\AppData\Local\Temp\68a36c259f3fffb8f6cf7e610a2547f10b8cf5a8b275b5def2b938ae12638bc2.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:1068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1068-0-0x0000000002210000-0x000000000221C000-memory.dmp

Filesize
48KB

Download