Analysis Overview
SHA256
3b2e1b47e7bc4a2b145f6eb310bb9b97c8bbfc46bc70015217305965ec295654
Threat Level: Likely benign
The file 3b2e1b47e7bc4a2b145f6eb310bb9b97c8bbfc46bc70015217305965ec295654 was found to be: Likely benign.
Malicious Activity Summary
Unsigned PE
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-03 12:41
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 12:41
Reported
2024-06-03 12:44
Platform
win7-20240220-en
Max time kernel
118s
Max time network
118s
Command Line
Signatures
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3b2e1b47e7bc4a2b145f6eb310bb9b97c8bbfc46bc70015217305965ec295654.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\3b2e1b47e7bc4a2b145f6eb310bb9b97c8bbfc46bc70015217305965ec295654.exe
"C:\Users\Admin\AppData\Local\Temp\3b2e1b47e7bc4a2b145f6eb310bb9b97c8bbfc46bc70015217305965ec295654.exe"
Network
Files
memory/2904-0-0x0000000000400000-0x0000000000439000-memory.dmp
memory/2904-12-0x0000000000400000-0x0000000000439000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Bugreport_error.ini
| MD5 | c018fdcc6cdc48834094af024b3377bc |
| SHA1 | 0b919287243c5615db0f035413a8891aad068a9e |
| SHA256 | 06f7cff91eeb18d6df9f300217c91162b1e03d0e06129070dab3b724b919de1f |
| SHA512 | acaab55a1d337bafb6b2d334292374c76d9f1a19a9eb13031181522e57f68dfbcdab3040806876cadae124dc80c0ce27cbc6e19fab9d10c22605dcc96ff517c9 |
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-03 12:41
Reported
2024-06-03 12:44
Platform
win10v2004-20240508-en
Max time kernel
132s
Max time network
122s
Command Line
Signatures
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\3b2e1b47e7bc4a2b145f6eb310bb9b97c8bbfc46bc70015217305965ec295654.exe | N/A |
Processes
C:\Users\Admin\AppData\Local\Temp\3b2e1b47e7bc4a2b145f6eb310bb9b97c8bbfc46bc70015217305965ec295654.exe
"C:\Users\Admin\AppData\Local\Temp\3b2e1b47e7bc4a2b145f6eb310bb9b97c8bbfc46bc70015217305965ec295654.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| NL | 23.62.61.171:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 71.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| NL | 23.62.61.171:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 138.201.86.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.142.211.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 157.123.68.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.204.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 205.47.74.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.156.103.20.in-addr.arpa | udp |
Files
memory/2020-0-0x0000000000400000-0x0000000000439000-memory.dmp
C:\Users\Admin\AppData\Local\Temp\Bugreport_error.ini
| MD5 | 2dff3d21cef0a108c4408ce5f1a98278 |
| SHA1 | 5f109e394eb620c7c9cb0654ba79d2edc9c67e61 |
| SHA256 | 4d809c73cc4d581434259fa166938a024ab39eee5c52c64a3a570a33d02fcbde |
| SHA512 | 1592608df49fa07ccf64cb2a2a0a6c9bec65f2cc5dbcb0c240b88675b3f905b135e68153dd166660f8068291a16b784b6c1ea2a148606810bc079b124f822293 |
memory/2020-12-0x0000000000400000-0x0000000000439000-memory.dmp