5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742 | Triage

Analysis

max time kernel
129s
max time network
126s
platform
windows10_x64
resource
win10v200430
submitted
18-07-2020 07:51

Sharing

Report Analysis Logs

General

Target

5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe
Size

273KB
MD5

be89aa4df2b6c1577a4d57ee13ab88dd
SHA1

cb1cb7e76376d440fb4e665734cd92e98c1fe4f3
SHA256

5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742
SHA512

6fccce7294cfcf4684bf1d9a093e31e6155cb01be4d5b537882e6331bfd44dcb16f995f49a897fab13ea264c8f36b1b9f37b5c721c275bd39f124e08d5708575

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1500	5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe
1500	5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1500	5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe
1500	5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe
1500	5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe
1500	5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe

C:\Users\Admin\AppData\Local\Temp\5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe
"C:\Users\Admin\AppData\Local\Temp\5496478724cbec61a2e6665f07feea5158bc1d746929efdfb83e5dadb7dec742.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:1500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1500-0-0x0000000002260000-0x000000000226C000-memory.dmp

Filesize
48KB

Download