b1490584f0a01026786c1dd5fea77dfee5fecdf59fd5050f8f10e687334dd36d | Triage

Resubmissions

17/05/2024, 17:36

240517-v61gkaag72 1

17/05/2024, 17:35

240517-v6ceqsaf7y 3

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
17/05/2024, 17:36

Sharing

Report Analysis Logs

General

Target

Updates/nvcpl/nvmobnld.chm
Size

49KB
MD5

6e754126d7299264af5b96e5eacf468c
SHA1

3e79b915bf4b098e2b15ebab3a3d22518e31d236
SHA256

975a15943553c1c183cb87476c52d16df24139d400f7bebcd69589c582b1a923
SHA512

aa715a9d5dd51f1acbf64a05fed0149d0ee5ac0eef0494b2f2226551e8603df4126add03d2730807f4b7b2ba5940262ca413a74ff5367801e585713268986f49
SSDEEP

768:l/6uzhQRj/0vDhxmR5xuv8K206oa8g/nqtWHjmeXCD:l/Rzas/Q5xuv8K2v/nqajm6CD

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2640	hh.exe
2640	hh.exe

C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\Updates\nvcpl\nvmobnld.chm
1⤵
- Suspicious use of SetWindowsHookEx
PID:2640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads