9733e3f15efe06bfbf6f1e890eee2f4b550f053acb18be931b1cb1c0c8f004ab

Analysis

max time kernel
139s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
31-08-2023 02:57

Target

todolist_exe/ConvertRTFToHTML.exe
Size

956KB
MD5

e1d5beb9fb5427043382c5627c3ab14a
SHA1

ac1f27a64cc8b73de2f2d8fdb42a0ad20d4e5efc
SHA256

8a6baa508fb7036173adf3c9dab62aa2d880b3892e6c5bc92a4c3b766b1d52b1
SHA512

03c4270df8fed4d86fe51dd8a1dd24ac5a8501de21111e3a0e8e7fb22918b15c9e116405a857d88eb79d7364a119cf495cbe2c4af42169f0b71b6f9fb90f63a9
SSDEEP

12288:DOTanOvUed3ortRUAG4IUO8uLMj1rCs4ooapL8Pfv8SLct28Cqnqj:7MNop6AGj8US1VygLM3dY2ck

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
640	ConvertRTFToHTML.exe
640	ConvertRTFToHTML.exe

C:\Users\Admin\AppData\Local\Temp\todolist_exe\ConvertRTFToHTML.exe
"C:\Users\Admin\AppData\Local\Temp\todolist_exe\ConvertRTFToHTML.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:640