ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e

Analysis

max time kernel
136s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
07/11/2022, 11:38

Target

ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e.exe
Size

958KB
MD5

939e8fbf8efa7baf65e7367e984f3997
SHA1

e343b0da1547ce01708eda0357344a502ea08fb8
SHA256

ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e
SHA512

e00ab91aa8181d1245e26a48195123f5fa513cde2a2da30c303ff5b9a9481d91dd8742fc3d625a655b9437c6bc86aa5168fe3cf80a5debb6d07312da1d0fcc9b
SSDEEP

12288:oIZLwDshZ2p6j2y4LcmXjxEL/hPKHvcXqFApycRpB9EF3J8QH:PZ0S2p6KIE6LJEvcpyc3nEFuQH

Score

1^/10

Script User-Agent 3 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	25	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	5	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	21	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Suspicious use of SetWindowsHookEx 5 IoCs

pid	Process
4648	ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e.exe
4648	ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e.exe
4648	ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e.exe
4648	ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e.exe
4648	ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e.exe

C:\Users\Admin\AppData\Local\Temp\ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e.exe
"C:\Users\Admin\AppData\Local\Temp\ab4054724be6034c16b410eda585c8407e164cb9ea887adbd77607509d100c0e.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4648