daef21a416ca9d2a86a1db73fac55ba897107c1ef254d82134f6cdc16df3ace2

Analysis

max time kernel
148s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
04/06/2023, 19:46

Target

daef21a416ca9d2a86a1db73fac55ba897107c1ef254d82134f6cdc16df3ace2.exe
Size

1.2MB
MD5

8d9b2bd0fd8195c26f344a0f9b8a2406
SHA1

79a06908581fa9d113c66cd243a21b188609e9f9
SHA256

daef21a416ca9d2a86a1db73fac55ba897107c1ef254d82134f6cdc16df3ace2
SHA512

4d69ebd2550af1fb74cbc5b680e05ed801ab40a38791f04d1071967a9d549780e099a0bb8e6600e5fdcb1390f7b4d7148dbefe614b814ee7a5690c361d3c2f1a
SSDEEP

24576:6KT9W8tZ5zLXKzI4PRVMErC1HXFY2L4nVFDqa:15hXKE4ZuErC1HXFYLF

Score

1^/10

Script User-Agent 3 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	12	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	16	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	17	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
5028	daef21a416ca9d2a86a1db73fac55ba897107c1ef254d82134f6cdc16df3ace2.exe
5028	daef21a416ca9d2a86a1db73fac55ba897107c1ef254d82134f6cdc16df3ace2.exe

C:\Users\Admin\AppData\Local\Temp\daef21a416ca9d2a86a1db73fac55ba897107c1ef254d82134f6cdc16df3ace2.exe
"C:\Users\Admin\AppData\Local\Temp\daef21a416ca9d2a86a1db73fac55ba897107c1ef254d82134f6cdc16df3ace2.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:5028

memory/5028-136-0x0000000002470000-0x0000000002471000-memory.dmp

Filesize
4KB

Download