5f3c3d9b59988298d065c7e5d19f89d580faa49607ab53ef559638458abb7175

Analysis

max time kernel
143s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
14-06-2023 07:26

Target

KinnAgent2008.exe20160201.exe
Size

4.4MB
MD5

054a3ab6208f9324a0f0b2da9ebf2658
SHA1

237d45d42084481e02e9366e7e17bd2bc5b163f0
SHA256

5f3c3d9b59988298d065c7e5d19f89d580faa49607ab53ef559638458abb7175
SHA512

9fe37fb7a77a0f89d5cfd60d50162a90323ff366cbe15195c1525edf732d1d400d5d5fa852cb89629676b7c5dfc19e9c03cb102f98c2b81213a9fdc02a367227
SSDEEP

98304:3rm8JDoh/tyBe75D0ufywGcthqcAgF1DFwmxZwSSKZt52:3hDe/tyw0uawGvcXFwJu5

Score

1^/10

Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

KinnAgent2008.exe20160201.exe

pid process

4884 KinnAgent2008.exe20160201.exe
4884 KinnAgent2008.exe20160201.exe
4884 KinnAgent2008.exe20160201.exe

C:\Users\Admin\AppData\Local\Temp\KinnAgent2008.exe20160201.exe
"C:\Users\Admin\AppData\Local\Temp\KinnAgent2008.exe20160201.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4884

memory/4884-133-0x0000000000400000-0x0000000001A87000-memory.dmp

Filesize
22.5MB

Download
memory/4884-134-0x0000000000400000-0x0000000001A87000-memory.dmp

Filesize
22.5MB

Download
memory/4884-135-0x0000000000400000-0x0000000001A87000-memory.dmp

Filesize
22.5MB

Download
memory/4884-136-0x0000000000400000-0x0000000001A87000-memory.dmp

Filesize
22.5MB

Download
memory/4884-137-0x0000000000400000-0x0000000001A87000-memory.dmp

Filesize
22.5MB

Download
memory/4884-138-0x0000000003A10000-0x0000000003A11000-memory.dmp

Filesize
4KB

Download
memory/4884-139-0x0000000000400000-0x0000000001A87000-memory.dmp

Filesize
22.5MB

Download
memory/4884-140-0x0000000003A10000-0x0000000003A11000-memory.dmp

Filesize
4KB

Download