Overview

overview

1

Static

static

lcok.exe

windows10_x64

1

Analysis

  • max time kernel
    302s
  • max time network
    277s
  • platform
    windows10_x64
  • resource
    win10v20210410
  • submitted
    18-08-2021 08:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lcok.exe

  • Size

    393KB

  • MD5

    a96fd151b0afb913af10354e6f6ca1be

  • SHA1

    709182b6336e1215e438c6456d50edb3b11c1fb3

  • SHA256

    2b9fc5425a407d707354298c59ceb30f601707ed5878687049bf15e088ce4c24

  • SHA512

    86e9fb857dc825afc3daf19bab482be337c507875d937596e5407a01ca903b1542793877b07e10d69a9b365438a34568945f2b15ccb3064a13a0356e6a7e73ac

Score
1/10

Malware Config

Signatures

  • Modifies data under HKEY_USERS 15 IoCs
  • Suspicious behavior: LoadsDriver 64 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\lcok.exe
    "C:\Users\Admin\AppData\Local\Temp\lcok.exe"
    1⤵
      PID:4432
    • C:\Windows\system32\LogonUI.exe
      "LogonUI.exe" /flags:0x0 /state0:0xa3acd855 /state1:0x41c64e6d
      1⤵
      • Modifies data under HKEY_USERS
      • Suspicious use of SetWindowsHookEx
      PID:1832

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4432-114-0x0000000000E50000-0x0000000000E51000-memory.dmp
      Filesize

      4KB

      Download
    • memory/4432-116-0x00000000056D0000-0x00000000056D1000-memory.dmp
      Filesize

      4KB

      Download