f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf | Triage

Analysis

max time kernel
128s
max time network
128s
platform
windows10_x64
resource
win10v200430
submitted
18/07/2020, 01:47

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe
Size

273KB
MD5

a21656d3c9d7ebc81f027e745f58f8e5
SHA1

8de9696e70536ab9c774d15d7ee4d27c8ba72b0a
SHA256

f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf
SHA512

647b15abd6f86b672e216a72394eb3d2b26dc00f60173f5c974221d2775f7d675dd02bf9322e5eedb191b51f9dcdcd91f3015bca2673ee9d32a073a7350535f1

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3264	f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe
3264	f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3264	f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe
3264	f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe
3264	f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe
3264	f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe

C:\Users\Admin\AppData\Local\Temp\f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe
"C:\Users\Admin\AppData\Local\Temp\f9016aa86914fd7bdcb0d96b8ddf36bf76877a7825bfda43594070c9811387bf.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:3264

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3264-0-0x0000000002250000-0x000000000225C000-memory.dmp

Filesize
48KB

Download