Resubmissions

18-01-2022 06:34

220118-hb7wyaabep 10

15-09-2021 06:41

210915-hf8n2adaeq 10

15-09-2021 06:33

210915-hbdm4adael 1

Analysis

  • max time kernel
    68s
  • max time network
    116s
  • platform
    windows10_x64
  • resource
    win10-jp
  • submitted
    15-09-2021 06:33

General

  • Target

    TIMECLOCK.exe

  • Size

    460KB

  • MD5

    513b43a30628978d52d18912b72dcdd0

  • SHA1

    97368003849122e99dc7b0e25b4b37b2999053ee

  • SHA256

    47bac27be954cf593ac731cd57fa98b565cf5036a6fbf35c508549f039eea8f3

  • SHA512

    a8e846109b644df3e905e33ae2218b5f0c7f65efd2a202c2d2c38a89d2e979d4379862b545523b7338855f51f087ad4d7c41746197e9f233e938ed4bbfbb5c0c

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TIMECLOCK.exe
    "C:\Users\Admin\AppData\Local\Temp\TIMECLOCK.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3896
  • C:\Users\Admin\AppData\Local\Temp\TIMECLOCK.exe
    C:\Users\Admin\AppData\Local\Temp\TIMECLOCK.exe {450DB010-A2B6-40B2-AAA3-AEADBEE650E5}
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4072
  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe"
    1⤵
      PID:4788

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/3896-115-0x0000000002280000-0x0000000002294000-memory.dmp

      Filesize

      80KB

    • memory/3896-118-0x00000000022A0000-0x00000000022B6000-memory.dmp

      Filesize

      88KB

    • memory/3896-121-0x0000000002260000-0x0000000002272000-memory.dmp

      Filesize

      72KB

    • memory/4072-122-0x0000000002190000-0x00000000021A4000-memory.dmp

      Filesize

      80KB

    • memory/4072-125-0x0000000002A70000-0x0000000002A86000-memory.dmp

      Filesize

      88KB