b012eb3950eb6f0b229f1278458763be6f6d2a585365edfde26279ebd86336ae

Analysis

max time kernel
135s
max time network
177s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 09:52

Target

1503a50d9bd0973d4fd49ff1ff60e87b.exe
Size

191KB
MD5

1503a50d9bd0973d4fd49ff1ff60e87b
SHA1

87ed9995efb448489e28cb53893b66ce761103a0
SHA256

b012eb3950eb6f0b229f1278458763be6f6d2a585365edfde26279ebd86336ae
SHA512

f652dea6d8819fa39ceca0b56f395453e1f6cb47142c80e10d3b183f5dd56bdf1537dbb7f14e95a51bf030b6b2bd159d4fdd7057200b519ba687525e1e3876ee
SSDEEP

3072:qIouTbJ0E0O3E2lBF3T60L0gJsoTFuyAXTkbHoqlAGIuQ5FTp/zURINE/NX:qIouW2ZpFzu/Yl+Gu5FTtgRINeB

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\wnkd5ObCjhk	1503a50d9bd0973d4fd49ff1ff60e87b.exe

Drops file in Windows directory 4 IoCs

description	ioc	Process
File opened for modification	C:\Windows\DOSU.log	1503a50d9bd0973d4fd49ff1ff60e87b.exe
File created	C:\Windows\msagent\wnkd5ObCjhk.exe	1503a50d9bd0973d4fd49ff1ff60e87b.exe
File created	C:\Windows\msagent\wnkd5ObCjhk.lo	1503a50d9bd0973d4fd49ff1ff60e87b.exe
File created	C:\Windows\wnkd5ObCjhk.ico	1503a50d9bd0973d4fd49ff1ff60e87b.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
996	1503a50d9bd0973d4fd49ff1ff60e87b.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\µµ¼º°ÔÀÓ Çö±Ý½Ç½Ã°£ ½Å±ÔÈ¸¿ø ½ÇÁ¦Çö±Ý 10,000¿øÁö±Þ.url

Filesize
130B

MD5
c0f9befd7bca1e79b2d41c7ecd0046b5

SHA1
d5d1a84b2c4cefb4cf102f4a6d182cfe4a25e6ef

SHA256
273e1477b07d8532ffcc974264f315b70c069db2e6e825b48255f04210812ced

SHA512
f9c426ecee8c9e01c8164b095a5924dd486e50c0bfb25dfb24385d01606490c443098a97ac2fa37a2f01923184486043028fc4a25ed84226fc59a34a239ecbe8

Download Submit
memory/996-0-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/996-1-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/996-2-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/996-3-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/996-13-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download