0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3 | Triage

Analysis

max time kernel
120s
max time network
122s
platform
windows10_x64
resource
win10
submitted
18-07-2020 22:29

Sharing

Report Analysis Logs

General

Target

0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe
Size

100KB
MD5

34f462dd0b44ff385d69cde4aaed053c
SHA1

e2be507699c73ed5eb2b9a691e7b20a113d5d2d4
SHA256

0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3
SHA512

b56a592a884c293b8d72d4f547be1034fed97ce65b4bcd42d781f4bcbd3c92d93c0f5bf143a70685e34d3d1bb12af6cd9622d53b11fc8a6ad9f60397f900a5d5

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3044	0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe
3044	0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3044	0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe
3044	0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe
3044	0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe
3044	0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe

C:\Users\Admin\AppData\Local\Temp\0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe
"C:\Users\Admin\AppData\Local\Temp\0a1e6926fec4e0d32382d26a01eed872eff27fd232864fc59ec486cd8c96b0b3.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:3044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3044-0-0x0000000002210000-0x000000000221C000-memory.dmp

Filesize
48KB

Download