b1490584f0a01026786c1dd5fea77dfee5fecdf59fd5050f8f10e687334dd36d | Triage

Resubmissions

17/05/2024, 17:36

240517-v61gkaag72 1

17/05/2024, 17:35

240517-v6ceqsaf7y 3

Analysis

max time kernel
147s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
17/05/2024, 17:36

Sharing

Report Analysis Logs

General

Target

Updates/nvcpl/nvmobcsy.chm
Size

49KB
MD5

27aa9775a7355c97c8ee34d3b4cab57a
SHA1

eeeb9d2ef88bc3784282485b57679311b845af8e
SHA256

d9c02a51523d23f804c0a8cec4876df335a593a43ec9200d717bd3ccc724fb61
SHA512

b015479f8d1c9494c2c1fb2dd03b5d5adef45021694dcbecb01774c2c42a59ef0cbcf82d10f58b345e71bc9503ebe1305eb426945dd224756df49600d52c5441
SSDEEP

1536:L5va+bgWJla0fFMz6Lso2WHOX5naCeB2VIwsu:Ba+Ju0fWLx1leB3wJ

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
492	hh.exe
492	hh.exe

C:\Windows\hh.exe
"C:\Windows\hh.exe" C:\Users\Admin\AppData\Local\Temp\Updates\nvcpl\nvmobcsy.chm
1⤵
- Suspicious use of SetWindowsHookEx
PID:492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads