75a21bf549114b0ec2df083689114cf0fda6fb913a9a8e98245b40851edf0c47

Analysis

max time kernel
82s
max time network
117s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
05-06-2023 04:40

Target

75a21bf549114b0ec2df083689114cf0fda6fb913a9a8e98245b40851edf0c47.exe
Size

1.2MB
MD5

4f6bd4f30d4b43c1fa258d581258ccc0
SHA1

be01546fe08da992e9c5d87e816f4b812a69aaa4
SHA256

75a21bf549114b0ec2df083689114cf0fda6fb913a9a8e98245b40851edf0c47
SHA512

ff558b5403d1a281d7080ce6602d9fcc8cf075c609e6eb496ef9ca46684b8c06b845ee1ed1eaaf9ddfede107d441966b639350b84b60af46bcfaeebeb4dda763
SSDEEP

24576:nGUv9aochPzPf35ZAZzj7ErC1HXFY2L4nVFDqa:7Obf3jAlnErC1HXFYLF

Score

1^/10

Script User-Agent 3 IoCs

Uses user-agent string associated with script host/environment.

description	flow	ioc
HTTP User-Agent header	14	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	17	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)
HTTP User-Agent header	11	Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4484	75a21bf549114b0ec2df083689114cf0fda6fb913a9a8e98245b40851edf0c47.exe
4484	75a21bf549114b0ec2df083689114cf0fda6fb913a9a8e98245b40851edf0c47.exe

C:\Users\Admin\AppData\Local\Temp\75a21bf549114b0ec2df083689114cf0fda6fb913a9a8e98245b40851edf0c47.exe
"C:\Users\Admin\AppData\Local\Temp\75a21bf549114b0ec2df083689114cf0fda6fb913a9a8e98245b40851edf0c47.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4484

memory/4484-136-0x0000000002330000-0x0000000002331000-memory.dmp

Filesize
4KB

Download