020afc197e3d6a4a6e846fce254ede04cfe926f576abcc2c3026c1c69906b7a8

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
08-10-2023 13:22

Target

020afc197e3d6a4a6e846fce254ede04cfe926f576abcc2c3026c1c69906b7a8.exe
Size

4.8MB
MD5

a8c1b98f016a62556d71506fa30f385a
SHA1

2c65790a5d0a73e4cc9034c9f4276f83266c2831
SHA256

020afc197e3d6a4a6e846fce254ede04cfe926f576abcc2c3026c1c69906b7a8
SHA512

8847f0f93cf5ac15026228314b77543bda978492f54cf9f8548c8a69340ea5e8fd07ae2b86dea2b1a2e0e6bf25f920c3c0632a9f243746bd14e577dc6b5b4edb
SSDEEP

98304:It75bFXj4csTnmqmTouxtV7JQ31RCkvArtzYU:UpBeXmTFVSwz

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1260	020afc197e3d6a4a6e846fce254ede04cfe926f576abcc2c3026c1c69906b7a8.exe
1260	020afc197e3d6a4a6e846fce254ede04cfe926f576abcc2c3026c1c69906b7a8.exe

C:\Users\Admin\AppData\Local\Temp\020afc197e3d6a4a6e846fce254ede04cfe926f576abcc2c3026c1c69906b7a8.exe
"C:\Users\Admin\AppData\Local\Temp\020afc197e3d6a4a6e846fce254ede04cfe926f576abcc2c3026c1c69906b7a8.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1260

memory/1260-0-0x0000000000400000-0x00000000008FC000-memory.dmp

Filesize
5.0MB

Download
memory/1260-88-0x0000000000910000-0x0000000000911000-memory.dmp

Filesize
4KB

Download
memory/1260-87-0x0000000002E30000-0x0000000002E31000-memory.dmp

Filesize
4KB

Download
memory/1260-89-0x0000000003350000-0x0000000003351000-memory.dmp

Filesize
4KB

Download
memory/1260-92-0x0000000000960000-0x0000000000961000-memory.dmp

Filesize
4KB

Download
memory/1260-147-0x00000000035F0000-0x00000000035F1000-memory.dmp

Filesize
4KB

Download
memory/1260-244-0x00000000033E0000-0x00000000033E1000-memory.dmp

Filesize
4KB

Download
memory/1260-245-0x0000000000400000-0x00000000008FC000-memory.dmp

Filesize
5.0MB

Download