eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655 | Triage

Analysis

max time kernel
131s
max time network
122s
platform
windows10_x64
resource
win10
submitted
18-07-2020 22:20

Sharing

Report Analysis Logs

General

Target

eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe
Size

100KB
MD5

94b76751889e0643685f2238ea270723
SHA1

c2291a9aa3db6812769333b5f93493666c03b953
SHA256

eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655
SHA512

00434fd8a6d7592c89bf8ed5cc05ad8929aade6b616c4c8bb3facfdbc9c33c4c8a761061edd884d5bee5c96d510c8e0913a76fde7db167b341f4b71e10067a42

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2920	eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe
2920	eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2920	eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe
2920	eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe
2920	eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe
2920	eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe

C:\Users\Admin\AppData\Local\Temp\eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe
"C:\Users\Admin\AppData\Local\Temp\eb8ba7e3619a67ca50d7f81dd5eac5db93bf5716b7878c7d3f288318628b3655.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:2920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2920-0-0x0000000002210000-0x000000000221C000-memory.dmp

Filesize
48KB

Download