Analysis
-
max time kernel
0s -
max time network
20s -
platform
windows10-2004_x64 -
resource
win10v2004-20240221-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240221-en locale:en-us os:windows10-2004-x64 system -
submitted
26-02-2024 02:14
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
a52ee5952971f06207484b70ef4db701.exe
Resource
win7-20240221-en
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
a52ee5952971f06207484b70ef4db701.exe
Resource
win10v2004-20240221-en
2 signatures
150 seconds
General
-
Target
a52ee5952971f06207484b70ef4db701.exe
-
Size
534KB
-
MD5
a52ee5952971f06207484b70ef4db701
-
SHA1
63b1fa086b655c080ee192568a431b8e6f909596
-
SHA256
8635fc5fba6998e0d41633828c656dc79898e5a5d3146c943ee35fde37c29946
-
SHA512
acef8ac8694f0b13a614681ac7163efc11b12a39e4bdbde83f5c3041545d00d6460bc65d5fe995f38e159de8394531f218b4a0e758157acdce4ebce096398f30
-
SSDEEP
12288:NopMmVHZUm1Cu0/2ufK/lGRgOUqmq9kR6lhKXGSR0mSuraB8B0/pGO:NSM+aWCuMRK/cRgOnmq9g61ura2BMGO
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes:
a52ee5952971f06207484b70ef4db701.exe
pid | Process
3184 | a52ee5952971f06207484b70ef4db701.exe
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
a52ee5952971f06207484b70ef4db701.exe
description | pid | Process | procid_target
PID 3184 wrote to memory of 4356 | 3184 | a52ee5952971f06207484b70ef4db701.exe | 88
PID 3184 wrote to memory of 4356 | 3184 | a52ee5952971f06207484b70ef4db701.exe | 88
PID 3184 wrote to memory of 4356 | 3184 | a52ee5952971f06207484b70ef4db701.exe | 88
Processes
-
C:\Users\Admin\AppData\Local\Temp\a52ee5952971f06207484b70ef4db701.exe "C:\Users\Admin\AppData\Local\Temp\a52ee5952971f06207484b70ef4db701.exe" 1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:3184 -
C:\Users\Admin\AppData\Local\Temp\a52ee5952971f06207484b70ef4db701.exe C:\Users\Admin\AppData\Local\Temp\a52ee5952971f06207484b70ef4db701.exe 2⤵ PID:4356
-