Analysis
max time kernel
55s
max time network
152s
platform
windows10_x64
resource
win10v20210408
submitted
15-09-2021 07:05
Static task
static1
Behavioral task
behavioral1
Sample
328e0ca9066575a0b9622e6495eb49e2.exe
Resource
win7-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
328e0ca9066575a0b9622e6495eb49e2.exe
Resource
win10v20210408
windows10_x64
0 signatures
0 seconds
General
Target
328e0ca9066575a0b9622e6495eb49e2.exe
Size
36KB
MD5
328e0ca9066575a0b9622e6495eb49e2
SHA1
32e7220139f7d20e4de02af32eeeffe0016b2b2d
SHA256
89d1e77b255172bea5d8e574f3182671c39dfa47750992b477811fdb3d8015bf
SHA512
4a624f617d8be940dd2139d144126d2bec0ea6601e0547651f7075ba93604e18ee499f70d090dd41cadf366dc116983f53ca236fcbd6b99970ab2ab823915750
Score
1/10
Malware Config
Signatures
Modifies registry class 1 IoCs
Processes:
328e0ca9066575a0b9622e6495eb49e2.exe
description: Key created
ioc: \REGISTRY\USER\S-1-5-21-1594587808-2047097707-2163810515-1000_Classes\Local Settings
process: 328e0ca9066575a0b9622e6495eb49e2.exe
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
OpenWith.exe
pid: 1028
process: OpenWith.exe
Processes
C:\Users\Admin\AppData\Local\Temp\328e0ca9066575a0b9622e6495eb49e2.exe
"C:\Users\Admin\AppData\Local\Temp\328e0ca9066575a0b9622e6495eb49e2.exe"
- Modifies registry class
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
- Suspicious use of SetWindowsHookEx