a79326422c4adeb66935beb69e4ccf575eb3c7091bc26ed3617b398549003e09

Analysis

max time kernel
142s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
23/04/2024, 20:38

Target

ZipQueens.exe
Size

3.0MB
MD5

c6569ab91e2c670e268908604c9117eb
SHA1

442eb9b590a502ab967283bcefb2cf1c246f165a
SHA256

a79326422c4adeb66935beb69e4ccf575eb3c7091bc26ed3617b398549003e09
SHA512

2397967170c7d73e121233518dd31d29bb8c2f21af2c74c362bf0dc5c1405b1dd173059b4e696902b2e64be342d4e56c16ba7a3d69dfa08a364620376913b484
SSDEEP

49152:JM7Yh3k3h4u3jGpIpp9R9rWY/zypyAxD37/+TIgjTt/77bpvl+SgRb:cYh04u3qpIppf9vupd+TI6t/771vl+S8

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
844	ZipQueens.exe
844	ZipQueens.exe

C:\Users\Admin\AppData\Local\Temp\ZipQueens.exe
"C:\Users\Admin\AppData\Local\Temp\ZipQueens.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:844

memory/844-0-0x000001626B860000-0x000001626BB54000-memory.dmp

Filesize
3.0MB

Download
memory/844-1-0x00007FFC05A80000-0x00007FFC06541000-memory.dmp

Filesize
10.8MB

Download
memory/844-2-0x000001626BF40000-0x000001626BF50000-memory.dmp

Filesize
64KB

Download
memory/844-3-0x000001626BF40000-0x000001626BF50000-memory.dmp

Filesize
64KB

Download
memory/844-4-0x000001626BF40000-0x000001626BF50000-memory.dmp

Filesize
64KB

Download
memory/844-6-0x0000016A70EE0000-0x0000016A71686000-memory.dmp

Filesize
7.6MB

Download
memory/844-8-0x00007FFC05A80000-0x00007FFC06541000-memory.dmp

Filesize
10.8MB

Download