b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96 | Triage

Analysis

max time kernel
144s
max time network
146s
platform
windows10_x64
resource
win10
submitted
19-07-2020 07:28

Sharing

Report Analysis Logs

General

Target

b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
Size

100KB
MD5

0b0b22eb59167abdf1492856e78eb681
SHA1

dfadb6a971efa3627bb994c389701f931336530e
SHA256

b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96
SHA512

7a7b4a8dc1e8d28b2eac6158fad2e88b47940956bd799efc90cec746ad46511c711ded6da7df0dc5878c89e22ffbe81234da4f7ab93eadc98c4f5fede9b85ce4

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe

Suspicious behavior: EnumeratesProcesses 14 IoCs

pid	Process
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
3844	b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe

C:\Users\Admin\AppData\Local\Temp\b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe
"C:\Users\Admin\AppData\Local\Temp\b32bc1c00f3937dfa53b5b9034bc8ddc632cdc363d57c02ac1c0891a1cf23b96.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:3844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3844-0-0x0000000002210000-0x000000000221C000-memory.dmp

Filesize
48KB

Download