8e1006e5f230f269bb9ce80e5c2b7f3b930cb68f3d975697d45b4e4bae33ce58 | Triage

Analysis

max time kernel
147s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2023 00:16

Sharing

Report Analysis Logs

General

Target

getword/TextCapture/Help.chm
Size

228KB
MD5

bca17cd577aa13507d6bc8675e1d88b8
SHA1

af9918880636377381cd9d6dc9c844fa020f5cd0
SHA256

21460945c6608ed987a003a9bd94287ddf5ad6f34f9f55d780f8b93fd8137efd
SHA512

6e9c542d405eabc5ce7cd286e263a9fbb69840f9714b236fabe1355aa6636b1ea17e645b41c4097eeee71a174439f8955768a05eb69d1dc09b85e617696d877a
SSDEEP

6144:z/hlgxpsSALsGm8TBKMQY3ULTA3Wd/hIUjYa1Qpo:rhlCppAuiBTkLTAm7RjYuQy

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1940	hh.exe
1940	hh.exe

C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\getword\TextCapture\Help.chm
1⤵
- Suspicious use of SetWindowsHookEx
PID:1940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads