Analysis
-
max time kernel
145s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system -
submitted
31-05-2023 04:36
Behavioral task
behavioral1
Sample
94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
Resource
win10v2004-20230220-en
General
-
Target
94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
-
Size
2.2MB
-
MD5
97e6eb508576e800c451c0e0338f07d9
-
SHA1
43ae01619a2f37dd75036f84c3898b510a94816c
-
SHA256
94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6
-
SHA512
8b92861ce0c39ec995ea33ccfd3655b4e72e683a9192d620c726765d90e4a9f90c1fde4b1f28ffc63c95efad33b35e7ba436c46db9f20b0bfb372c34204875a7
-
SSDEEP
49152:r/SQkaQ7mFPDmMSS8rTUu5QrDpTF7prY3qXzPRQzKJOmtHlAMLpKtU:OtLS5mMSS8O7prY3qXVQmrjLEC
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
pid process
3784 94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
3784 94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
pid process
3784 94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe
"C:\Users\Admin\AppData\Local\Temp\94055ed8bc94e4cf82d5223104764c0ea8c36aa2283cfeb56902644a3f6147c6.exe"
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
memory/3784-134-0x0000000000400000-0x00000000012BB000-memory.dmp
Filesize
14.7MB
-
memory/3784-133-0x0000000000400000-0x00000000012BB000-memory.dmp
Filesize
14.7MB
-
memory/3784-135-0x0000000000400000-0x00000000012BB000-memory.dmp
Filesize
14.7MB
-
memory/3784-138-0x0000000000400000-0x00000000012BB000-memory.dmp
Filesize
14.7MB