a33443c6603faec9d3bd8d8afd97259308fa4cf7c52332746eca9399c1b97194

Analysis

max time kernel
118s
max time network
124s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
20-09-2023 08:30

Target

隔離區文件/._cache_DxSetup.exe
Size

400KB
MD5

024437cfccbd6394df89e961a5983cfc
SHA1

296353233ad26d37c96f3827c8401fb33f503ca2
SHA256

9e62fe84aa0e0cc32a41150f99b9bbf105c52ba40fb896b5a58a237adafc5bea
SHA512

9b553d8d5bf8220c942c9a599a2bab24ac155f5bf5201bac0850c7839070e8f3a764930ce9e5849daf9811dbbc8ced4cfe01565c99ad2e4b18dbbfd8c61e81f0
SSDEEP

6144:LiettwIG8EwyZ/ap2KcwQu2QXrK3WTs5z2iHn7/W1QdK1SoooooooooNmiett:MI7vp2KgN/WJSooooooooo

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2464	._cache_DxSetup.exe
2464	._cache_DxSetup.exe

C:\Users\Admin\AppData\Local\Temp\隔離區文件\._cache_DxSetup.exe
"C:\Users\Admin\AppData\Local\Temp\隔離區文件\._cache_DxSetup.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2464