47d79c98919b2c208a7093595dffddccfd774b28da0a2943b36a7dd3a855ac67 | Triage

Analysis

max time kernel
121s
max time network
137s
platform
windows10_x64
resource
win10
submitted
18-07-2020 06:44

Sharing

Report Analysis Logs

General

Target

n3cka313834.exe
Size

273KB
MD5

fbd6e1544c4c753569f988acc6c739c3
SHA1

ac80fb11cc6e037e02f20d7b3a1bcc228f97631a
SHA256

47d79c98919b2c208a7093595dffddccfd774b28da0a2943b36a7dd3a855ac67
SHA512

67a08024b58ee1cc83a96be4eda5dfa9b894eafe40dfaa0a176b0ec31132df1f7880a343669c4a24184be606699787a1eda6bc6353c2ca52bd9a0a400e48a0bc

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
976	n3cka313834.exe
976	n3cka313834.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe
976	n3cka313834.exe

Suspicious behavior: EmotetMutantsSpam 1 IoCs

pid	Process
976	n3cka313834.exe

C:\Users\Admin\AppData\Local\Temp\n3cka313834.exe
"C:\Users\Admin\AppData\Local\Temp\n3cka313834.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: EmotetMutantsSpam
PID:976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/976-0-0x00000000027B0000-0x00000000027BC000-memory.dmp

Filesize
48KB

Download
memory/976-1-0x0000000000400000-0x0000000000449000-memory.dmp

Filesize
292KB

Download