e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59 | Triage

Analysis

max time kernel
91s
max time network
128s
platform
windows10_x64
resource
win10
submitted
18-07-2020 07:40

Sharing

Report Analysis Logs

General

Target

e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe
Size

273KB
MD5

81a984a537349d2d504beaa08af2c112
SHA1

c641b87cc91e3b9726b3c47aa44d1eebf49f0023
SHA256

e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59
SHA512

817852a1613e50b26b7e72ea7f3ac5aca31f56711bb61a3d242780805685ab312a67353f051d2cc7852332d4af7ff4fb247a870a5fc66968522b38d95462a72a

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3892	e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe
3892	e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
3892	e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe
3892	e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe
3892	e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe
3892	e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe

C:\Users\Admin\AppData\Local\Temp\e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe
"C:\Users\Admin\AppData\Local\Temp\e6c60b12b6807f7726351f55effbccf51983cc8140e30929c094ae6f4aa2db59.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:3892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3892-0-0x00000000020A0000-0x00000000020AC000-memory.dmp

Filesize
48KB

Download