4595f946fc35c53783b95c3628d8d830fa533d1079d3bbef9e910088a27c04e0

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
17/01/2024, 20:34

Target

4595f946fc35c53783b95c3628d8d830fa533d1079d3bbef9e910088a27c04e0.exe
Size

156KB
MD5

8f1f323e55c85cf6a39a7eb80ecd541c
SHA1

c07788514b0c3940a72b3f4c44500d27d503cd86
SHA256

4595f946fc35c53783b95c3628d8d830fa533d1079d3bbef9e910088a27c04e0
SHA512

8e0b4762fdeaf0aeab2f8546003a05cebfb4b241b453a0184f5a3745182291ea295914bfc38e06fe2c436b5906684996451d94637705a9db3a7a49f48f44e389
SSDEEP

1536:9bL7pTd0CA/pZYqasIwASKPn130MoON/AC59t+dZLbaMAi:d5Tdq/pZY9xAm9GbaMAi

Score

3^/10

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2756	4595f946fc35c53783b95c3628d8d830fa533d1079d3bbef9e910088a27c04e0.exe
2756	4595f946fc35c53783b95c3628d8d830fa533d1079d3bbef9e910088a27c04e0.exe

C:\Users\Admin\AppData\Local\Temp\4595f946fc35c53783b95c3628d8d830fa533d1079d3bbef9e910088a27c04e0.exe
"C:\Users\Admin\AppData\Local\Temp\4595f946fc35c53783b95c3628d8d830fa533d1079d3bbef9e910088a27c04e0.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2756

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact