3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0 | Triage

Analysis

max time kernel
139s
max time network
142s
platform
windows10_x64
resource
win10v200430
submitted
18-07-2020 08:24

Sharing

Report Analysis Logs

General

Target

3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe
Size

273KB
MD5

d2b9390ab293c82414163661b55d9ba4
SHA1

d2f7aface2f4807886a7f08e66bf058cd1d66c3e
SHA256

3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0
SHA512

6a2bfc384ee7e13db42af70953848d0d69cc3a1d3b6dc22a9277182da92bbcb74897392d94150b2534b767d30248fd58398101ffe6a116ae9c6054809b84c256

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3656	3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe
3656	3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3656	3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe
3656	3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe
3656	3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe
3656	3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe

C:\Users\Admin\AppData\Local\Temp\3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe
"C:\Users\Admin\AppData\Local\Temp\3a94b4f82ea16028c9a775e3b87898e6264b4ff7e38c08f94385d05f445b69c0.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:3656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3656-0-0x0000000002320000-0x000000000232C000-memory.dmp

Filesize
48KB

Download