54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6 | Triage

Analysis

max time kernel
120s
max time network
130s
platform
windows10_x64
resource
win10
submitted
18-07-2020 19:07

Sharing

Report Analysis Logs

General

Target

54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe
Size

100KB
MD5

d89b3163c39507079e3026955fe89207
SHA1

25b8cd30ca4cfac65c4f713c0ad888f55c529aa2
SHA256

54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6
SHA512

383a2ab3c7c3095aced3f4ff8014fe4b638f07e1c0bfb8f6119f39cb788f0df6223dedb695f7cb9de14cc77db3c207cbc1baa8f03ce759ffdbf44cb64b1da0cd

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3820	54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe
3820	54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3820	54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe
3820	54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe
3820	54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe
3820	54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe

C:\Users\Admin\AppData\Local\Temp\54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe
"C:\Users\Admin\AppData\Local\Temp\54e25cf99f580e7279c3b23c03fab81e9e517d5c7f734bee0626f03ca67194e6.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:3820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3820-0-0x00000000022E0000-0x00000000022EC000-memory.dmp

Filesize
48KB

Download