72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d | Triage

Analysis

max time kernel
132s
max time network
135s
platform
windows10_x64
resource
win10
submitted
19-07-2020 09:22

Sharing

Report Analysis Logs

General

Target

72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe
Size

100KB
MD5

9a035a2f8f22055124bd1a471a29045f
SHA1

b221dc105380abf97ad0596c0dac6062b165906d
SHA256

72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d
SHA512

15872d1925db55bb9d2ed3dcd4a21194e1fd2de7ec8398cd8eb2dbcbe7430faeb6c2b9c552067a9b7750abc0f86fe63fff6d802db04ce78e63a36a881cad8325

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
792	72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe
792	72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe
792	72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe
792	72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
792	72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe
792	72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe

C:\Users\Admin\AppData\Local\Temp\72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe
"C:\Users\Admin\AppData\Local\Temp\72975b717ba86e3817efe1035350cfb0ec9954da89742faa15528410d8d4de3d.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/792-0-0x00000000023F0000-0x00000000023FC000-memory.dmp

Filesize
48KB

Download