998fe1bc6d19fac4a560e00a038c487fb79c14979b2929e0d7db395030bd6945

Analysis

max time kernel
157s
max time network
199s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
07-11-2023 14:48

Target

wintaylor2.1/Programs/Imager/FTKImager.exe
Size

8.6MB
MD5

fe7c1a0aeae7bb0725221a3f8feee823
SHA1

bb12b94e2c40cbdbf9d91552bd5ccba0ab8cd760
SHA256

d64a6b078d8d68b8cca48ad36f9a1b98f3010da2c7f585a6a687086feab0662c
SHA512

4735d296722c03de03049e00eac67f76669110560d35155f2e78e74bb2ad6e76eed24f2aa35bfa7c717779d377e26a990c2a8b83214f544c3d1ab4cbd3ede334
SSDEEP

196608:s7l4VWz9hhWU0chIVNdn8crTRJdkbHb6xLLDa+2YNGUw:FVWvblhIVNdn8cPZu76xLLDY

Score

1^/10

Suspicious use of SetWindowsHookEx 4 IoCs

C:\Users\Admin\AppData\Local\Temp\wintaylor2.1\Programs\Imager\FTKImager.exe
"C:\Users\Admin\AppData\Local\Temp\wintaylor2.1\Programs\Imager\FTKImager.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4716

memory/4716-0-0x00000000012A0000-0x000000000139F000-memory.dmp

Filesize
1020KB

Download
memory/4716-2-0x00000000013A0000-0x00000000013AE000-memory.dmp

Filesize
56KB

Download
memory/4716-3-0x00000000013B0000-0x0000000001D57000-memory.dmp

Filesize
9.7MB

Download
memory/4716-5-0x0000000001E20000-0x0000000001E33000-memory.dmp

Filesize
76KB

Download
memory/4716-7-0x0000000001E40000-0x0000000001E4F000-memory.dmp

Filesize
60KB

Download
memory/4716-6-0x0000000001D80000-0x0000000001E1A000-memory.dmp

Filesize
616KB

Download
memory/4716-10-0x0000000003910000-0x0000000003928000-memory.dmp

Filesize
96KB

Download