b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4 | Triage

Analysis

max time kernel
128s
max time network
125s
platform
windows10_x64
resource
win10v200430
submitted
19-07-2020 09:41

Sharing

Report Analysis Logs

General

Target

b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe
Size

100KB
MD5

4664d10117d9cde566e943599ec67227
SHA1

21da0ffe5a35af5469c8f7f4bf65b1d29616ff54
SHA256

b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4
SHA512

0740165ea476e0aa99b3a30ecd20770eb6c2ab61896981f2f1fae4d01d5984c5a3e808552f9f1037608097ad9f4fde48ebcb6035f4d5b0e4afb53715369300be

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1484	b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe
1484	b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1484	b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe
1484	b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe
1484	b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe
1484	b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe

C:\Users\Admin\AppData\Local\Temp\b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe
"C:\Users\Admin\AppData\Local\Temp\b8ae1b3266934ed3b675afe7cb418f6f3d69cb279681710b7297065d225cbae4.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: EnumeratesProcesses
PID:1484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1484-0-0x00000000038E0000-0x00000000038EC000-memory.dmp

Filesize
48KB

Download