cced2bae2c3b95429972af2edb44db3c97720d96ee052e544ebc794fafac1319

Analysis

max time kernel
24s
max time network
35s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 16:48

Target

pfDesktop.exe
Size

1.2MB
MD5

1513e22eb6a6d59647c5839d7a746a3f
SHA1

9db918516f5e7ca657222eec5a3ddf4f5ec8a355
SHA256

2d7961d9857b94014043425f5cbcd5041476ee5b8c2a33efbd10a8aff33323cb
SHA512

d59b4086982a3236bec2c981650d559079e1c68512b4d7fcb5490f9124ff986771a8490264bc4ff8ddbe16d654a10ce1f13be24621ca4512acdfb97df9560fd4
SSDEEP

24576:d4/6rcrLvbZz2K5p7NXrdeXIKHW2uXwGMN5pzvvBt7kQ:dvrInZz2Ip7bbKHW2uAGMrpFtwQ

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

pfDesktop.exe

pid process

1352 pfDesktop.exe
1352 pfDesktop.exe

pid	process
1352	pfDesktop.exe
1352	pfDesktop.exe

C:\Users\Admin\AppData\Local\Temp\pfDesktop.exe
"C:\Users\Admin\AppData\Local\Temp\pfDesktop.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1352

memory/1352-54-0x0000000075931000-0x0000000075933000-memory.dmp

Filesize
8KB

Download
memory/1352-55-0x0000000000400000-0x00000000005D8000-memory.dmp

Filesize
1.8MB

Download
memory/1352-56-0x0000000000390000-0x00000000003EA000-memory.dmp

Filesize
360KB

Download
memory/1352-58-0x00000000031B0000-0x00000000031B3000-memory.dmp

Filesize
12KB

Download
memory/1352-57-0x00000000031C0000-0x00000000031C4000-memory.dmp

Filesize
16KB

Download
memory/1352-59-0x0000000000400000-0x00000000005D8000-memory.dmp

Filesize
1.8MB

Download
memory/1352-60-0x0000000000390000-0x00000000003EA000-memory.dmp

Filesize
360KB

Download
memory/1352-62-0x0000000000390000-0x00000000003EA000-memory.dmp

Filesize
360KB

Download
memory/1352-61-0x0000000000400000-0x00000000005D8000-memory.dmp

Filesize
1.8MB

Download