eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869 | Triage

Analysis

max time kernel
135s
max time network
142s
platform
windows10_x64
resource
win10
submitted
18-07-2020 23:05

Sharing

Report Analysis Logs

General

Target

eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe
Size

100KB
MD5

2f505e727e402839de2de17eeac8d087
SHA1

332d43d309a9345bd5b7d941c5b4b88fde462555
SHA256

eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869
SHA512

ee8ed25abe2885a2a956ca2810ba9d6ade8d41aa1f038f0af64ea3d9f2b5494fb613e85d561e5a857cbd610e104701368f8e9bf1ddd065ec74ec6cdc1768fb65

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

pid	Process
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe

Suspicious behavior: EmotetMutantsSpam 1 IoCs

pid	Process
3496	eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe

C:\Users\Admin\AppData\Local\Temp\eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe
"C:\Users\Admin\AppData\Local\Temp\eee94ad8910fc79ff2c61ffd4d9a3757a8634a81a440539979094970b9082869.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: EmotetMutantsSpam
PID:3496

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3496-0-0x00000000022E0000-0x00000000022EC000-memory.dmp

Filesize
48KB

Download
memory/3496-1-0x0000000000400000-0x0000000000419000-memory.dmp

Filesize
100KB

Download