ebdb0f767c67668f941f677249b5ca06ea5ef9cf174373b3869b73bbeab24c89

Analysis

max time kernel
24s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 15:35

Target

SecuriteInfo.com.FileRepMalware.1205.16193.exe
Size

1.2MB
MD5

ea20cee0a8141a90a074358640d12941
SHA1

8b2e2c81c8437b44ab32c8053e417ca328ae8fc8
SHA256

ebdb0f767c67668f941f677249b5ca06ea5ef9cf174373b3869b73bbeab24c89
SHA512

b44544e21a1ef974cb425ddb7141e301d483590a0438f7b43eb5f197d168906d812758451ace0e8db7c278a53c2b8d1b89acaa8719cf87636c76b600253cbe79
SSDEEP

24576:Msa2aV9a4oH/IXs3wzuPPfI5uduQCtm+Sg40Q5mrCkhb/:MmIXWPPfIpNtm+SeQ4

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

SecuriteInfo.com.FileRepMalware.1205.16193.exe

pid process

908 SecuriteInfo.com.FileRepMalware.1205.16193.exe
908 SecuriteInfo.com.FileRepMalware.1205.16193.exe

pid	process
908	SecuriteInfo.com.FileRepMalware.1205.16193.exe
908	SecuriteInfo.com.FileRepMalware.1205.16193.exe

C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.FileRepMalware.1205.16193.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.FileRepMalware.1205.16193.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:908

memory/908-54-0x0000000075131000-0x0000000075133000-memory.dmp

Filesize
8KB

Download
memory/908-55-0x0000000010000000-0x0000000010048000-memory.dmp

Filesize
288KB

Download