8ef176944e54df85db028979ceb66b2b6e807b1615f4254c273d4b433caec0dd

max time kernel
9s
max time network
13s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
20/10/2024, 16:28 UTC

Sharing

Target

dl2.exe
Size

849KB
MD5

c2055b7fbaa041d9f68b9d5df9b45edd
SHA1

e4bd443bd4ce9029290dcd4bb47cb1a01f3b1b06
SHA256

342f04c4720590c40d24078d46d9b19d8175565f0af460598171d58f5ffc48f3
SHA512

18905b75938b8af9468b1aa3ffbae796a139c2762e623aa6ffb9ec2b293dd04aa1f90d1ed5a7dbda7853795a3688e368121a134c7f63e527a8e5e7679301a1dc
SSDEEP

12288:A3RY3yNqMRTF4q2rxHn2ot/81xpNQyjUXlmoe7ufjHAtjXD7r2:A3RY3R24q+xn/8Xp2yOl5fzQ/2

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4776	dl2.exe
1528	dl2.exe

C:\Users\Admin\AppData\Local\Temp\dl2.exe
"C:\Users\Admin\AppData\Local\Temp\dl2.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4776

C:\Users\Admin\AppData\Local\Temp\dl2.exe
C:\Users\Admin\AppData\Local\Temp\dl2.exe {628891E1-9277-467A-95BF-744A80F2F70F}
1⤵
- Suspicious use of SetWindowsHookEx
PID:1528

memory/1528-17-0x0000000000540000-0x0000000000640000-memory.dmp

Filesize
1024KB

Download
memory/1528-10-0x0000000002260000-0x0000000002290000-memory.dmp

Filesize
192KB

Download
memory/4776-1-0x0000000002380000-0x00000000023B0000-memory.dmp

Filesize
192KB

Download
memory/4776-8-0x0000000000650000-0x0000000000750000-memory.dmp

Filesize
1024KB

Download
memory/4776-18-0x0000000000650000-0x0000000000750000-memory.dmp

Filesize
1024KB

Download