42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e | Triage

Analysis

max time kernel
141s
max time network
143s
platform
windows10_x64
resource
win10v200430
submitted
18-07-2020 04:45

Sharing

Report Analysis Logs

General

Target

42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
Size

273KB
MD5

c1dad481b6ff75e04f10ec713d9bb850
SHA1

9dc3dbfbfe4216e4c11387056baf3a5b5d9a6c2c
SHA256

42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e
SHA512

0eca0fe35fb25c9c9d48ea0a59736bbcf26a0624added1a7ac3719fcbf832bdfb30b39c7b23c0a2cab4f3d77a0afaa62d87189e5b026030775dcf8cf0f86dda3

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe

Suspicious behavior: EmotetMutantsSpam 1 IoCs

pid	Process
3656	42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe

C:\Users\Admin\AppData\Local\Temp\42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe
"C:\Users\Admin\AppData\Local\Temp\42abfe1f99da45bc26ba208530bf89141c5086d1d01fcc327c8f88243802b13e.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: EmotetMutantsSpam
PID:3656

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3656-0-0x00000000021D0000-0x00000000021DC000-memory.dmp

Filesize
48KB

Download
memory/3656-1-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download