9eef6e2d4e5d2511a3fb86645bc5ae5d239a58da5b5650470a5deece1c731668

Analysis

max time kernel
244s
max time network
254s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
25-11-2022 21:22

Target

傳奇守護者免费版1.8.9/detection/ly.exe
Size

696KB
MD5

61e693f3bd7627062a4ded2de831aedc
SHA1

87cc3a757d6b225bccd1254a42ef3fcfce73784e
SHA256

9a3a1eb330684e280e7c9bc6d521c3d2ee09fca47550856d9d3bc476a1f11ce8
SHA512

39b80fcf259cf8afce47c1c5cb304b4f2d7817fe1e5961731af4ee833b4cd71089ab8d0c9abfb4174c0a58a7d8cab71f1638a76699801c44d303dc7971c91a0f
SSDEEP

6144:GnvnnnluhSThKSXnXeaXrh+oxmFwkroTYnSScJAVwSTQgmTvonb/tRZJ:GnfnlZtbnzXrh+kGngqwSVeA

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

ly.exe

pid process

176 ly.exe
176 ly.exe

pid	process
176	ly.exe
176	ly.exe

C:\Users\Admin\AppData\Local\Temp\傳奇守護者免费版1.8.9\detection\ly.exe
"C:\Users\Admin\AppData\Local\Temp\傳奇守護者免费版1.8.9\detection\ly.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:176