150ac1fb1dfc122655f683b3ec40e672d815c03699fb68a69917eb7b8ae8373d | Triage

Analysis

max time kernel
122s
max time network
122s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
07/03/2025, 23:45

Sharing

Report Analysis Logs

General

Target

antinashook/hook.dll
Size

844KB
MD5

e26c4fea3d7b3c8fd631b3403af54f6c
SHA1

ee9f3a80b0d6f87a626488ae0c3f63acdb8cf426
SHA256

62af1a5367438c9f888b66dcd5465c5a1f4722519cf39abc1e35b636c43932fc
SHA512

79d57a0bec8cbd1831e57cce54b124a322024547735be330688e524bbcd971641aa50962b14338f0144aeae4def17b399a1f88aecc80eef0c1a17f80a9fb894e
SSDEEP

12288:Bfi/nYHesZrCRtvCkM/YCdD6E01BR0nqS8FSi5rGbV:9iPY+s5CHvCkMQCtKR0q9FBmV

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2128	rundll32.exe
2128	rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\antinashook\hook.dll,#1
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2128-0-0x0000000077460000-0x0000000077461000-memory.dmp

Filesize
4KB

Download