6fd01e7c046a0dbee635b69f5457a6d62405fd16faa30b708b8ecf41847867fd | Triage

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
10-07-2024 02:06

Sharing

Report Analysis Logs

General

Target

hscangui.exe
Size

124KB
MD5

42be6717898901b0dc245800a219a3d1
SHA1

af8aced0a78e1181f4c307c78402481a589f8d07
SHA256

c9ec10f0be2bc81c2f3703b9b258a55f662d7fd78e4be0c3e24a6f2502978ddc
SHA512

4848f98f1a633cee19a38f83a11a35b5a18dfb9f0250413b1077c1dd38ab2305997a52b1d6eee78a862109f604fc1f24f2ff01badb3beabe11141bcf8e967ef8
SSDEEP

1536:MP4EawbCxws7yDKZvB+Dk1BTqgM35r9zN8PZlmuMJYqOgvP3/QXL:YKZ5+Dk13+qP/yl/HvQXL

Score

1^/10

Malware Config

Signatures

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4680	hscangui.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
4680	hscangui.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4680	hscangui.exe
4680	hscangui.exe

C:\Users\Admin\AppData\Local\Temp\hscangui.exe
"C:\Users\Admin\AppData\Local\Temp\hscangui.exe"
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:4680

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4680-0-0x0000000000E20000-0x0000000000E35000-memory.dmp

Filesize
84KB

Download
memory/4680-1-0x0000000000E20000-0x0000000000E35000-memory.dmp

Filesize
84KB

Download