Analysis

  • max time kernel
    150s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2023 19:28

General

  • Target

    KinnFMS.exe

  • Size

    3.0MB

  • MD5

    c7f4bad5e11a5b7afafa3d99b2c54e49

  • SHA1

    71c6ea3c28905840526164e6d595e8cbcfa64b61

  • SHA256

    3eba01f52edf180baf301639680dd6d68c74b8dfad9bdde2ff078540a9dad5c3

  • SHA512

    dc5505fc1384901eb48b44300d4d2e5e1c28a9ef95a1bb29d828f6696f24f739fa12486e3780071c26fd97302bafc5a53d36c08b057939d19425b7a22252e2bb

  • SSDEEP

    49152:5PY8xWn0cLSfPEqFgIkmbcwLQwNo9f659VUbh/e+pACFtJtZw7T7uwoT1JKI+CN:penJLSXNPwatnjVUbhG+HnZwiFyF

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\KinnFMS.exe
    "C:\Users\Admin\AppData\Local\Temp\KinnFMS.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1320

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\KinnFMS.INI

    Filesize

    23B

    MD5

    04604e1740b346a548b7ffcef8ab4acb

    SHA1

    f9e8b60d1ae00a2493596f76669ad4aa89b24d74

    SHA256

    d70a3ca1df05bb09fa0be85cadc634836c0334b069fbd0f7c817ed93eadd35b1

    SHA512

    7196c2bd43bad33f354f8ee1e26f94244a10776e521a665aa9f0288554edc911159331179efa71411adc23ce4fb64de961f3221917befa8aab85d7f46f61abf8

  • memory/1320-123-0x00000000001B0000-0x00000000001B1000-memory.dmp

    Filesize

    4KB

  • memory/1320-127-0x0000000000400000-0x0000000001223000-memory.dmp

    Filesize

    14.1MB

  • memory/1320-128-0x00000000001B0000-0x00000000001B1000-memory.dmp

    Filesize

    4KB