Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11/06/2024, 15:07

General

  • Target

    qqkeybord1/Defend.exe

  • Size

    48KB

  • MD5

    c68a6ec79d0e3f2221898d645c38449e

  • SHA1

    9ef9cd0f8e1f835bf2897b5d9084c378ababf736

  • SHA256

    ad4376dfc806c2f3c017f488e200a0fc7040c3045c30cf63d9ac7be27f497fae

  • SHA512

    69cc9d34d6fed9d709cce473b770416e243cd647722ec5e163751c0a24e9025b54d649a6632877eb1da33c3cd7665ecbd062896ddb086f8d668b803f6789ebc2

  • SSDEEP

    384:dLoqlBFR78M7itUUA1qsImADQ5+1uiLj6zXqRevhD+q4KRpPdOJaTXOuKUWzUqEd:dLJTR5DUAwWAD+iyzP54cPCa+zzQEt0

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\qqkeybord1\Defend.exe
    "C:\Users\Admin\AppData\Local\Temp\qqkeybord1\Defend.exe"
    • Suspicious use of WriteProcessMemory
    PID:2320
    • C:\Users\Admin\AppData\Local\Temp\qqkeybord1\Deamon.exe
      "C:\Users\Admin\AppData\Local\Temp\qqkeybord1\Deamon.exe"
      • Suspicious use of SetWindowsHookEx
      PID:208

Network

MITRE ATT&CK Matrix
