89d1e77b255172bea5d8e574f3182671c39dfa47750992b477811fdb3d8015bf | Triage

Analysis

max time kernel
55s
max time network
152s
platform
windows10_x64
resource
win10v20210408
submitted
15-09-2021 07:05

Sharing

Report Analysis Logs

General

Target

328e0ca9066575a0b9622e6495eb49e2.exe
Size

36KB
MD5

328e0ca9066575a0b9622e6495eb49e2
SHA1

32e7220139f7d20e4de02af32eeeffe0016b2b2d
SHA256

89d1e77b255172bea5d8e574f3182671c39dfa47750992b477811fdb3d8015bf
SHA512

4a624f617d8be940dd2139d144126d2bec0ea6601e0547651f7075ba93604e18ee499f70d090dd41cadf366dc116983f53ca236fcbd6b99970ab2ab823915750

Score

1^/10

Malware Config

Signatures

Modifies registry class 1 IoCs

Processes:

328e0ca9066575a0b9622e6495eb49e2.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1594587808-2047097707-2163810515-1000_Classes\Local Settings	328e0ca9066575a0b9622e6495eb49e2.exe

Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

OpenWith.exe

pid process

1028 OpenWith.exe

C:\Users\Admin\AppData\Local\Temp\328e0ca9066575a0b9622e6495eb49e2.exe
"C:\Users\Admin\AppData\Local\Temp\328e0ca9066575a0b9622e6495eb49e2.exe"
1⤵
- Modifies registry class
PID:856

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Suspicious use of SetWindowsHookEx
PID:1028

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...