76064a7ffea37135d85b27a1269d2519666b8faef354c725476193092ef4747f | Triage

Analysis

max time kernel
82s
max time network
83s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/06/2024, 14:49

Sharing

Copy URL Twitter E-mail

Reason

Machine shutdown

Report Analysis Logs

General

Target

Media/Common/Programs/CamPlay.exe
Size

320KB
MD5

b7742a7c114f562da8976b71cc9fa49e
SHA1

9f456baef386f317d168a0a7f597b160a351d6b0
SHA256

152511c193312fa90accdcb37255d388d73e6616b0dc6711392f5728cab53d28
SHA512

3cb4959a103edd6ad46ca67743e91117ccfc12de43ad63c641d068357bb744f819a87bde193baee40eb36c97faeb05458c97a7dcb6aad8845c5f1e98d986dc07
SSDEEP

6144:hIyTm1C4q4OQr7ii/a/S1wAZMckHrITFY4x7D+0IeG:5TR4tuiJhYCH7I

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2864	CamPlay.exe
2864	CamPlay.exe

C:\Users\Admin\AppData\Local\Temp\Media\Common\Programs\CamPlay.exe
"C:\Users\Admin\AppData\Local\Temp\Media\Common\Programs\CamPlay.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2864

C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
1⤵
PID:2572

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x0
1⤵
PID:1256

C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x1
1⤵
PID:1752

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1256-0-0x0000000002E90000-0x0000000002E91000-memory.dmp

Filesize
4KB

Download
memory/1752-1-0x0000000002AB0000-0x0000000002AB1000-memory.dmp

Filesize
4KB

Download