Analysis
-
max time kernel
163s -
max time network
174s -
platform
windows10-2004_x64 -
resource
win10v2004-20220310-en -
submitted
20-03-2022 01:28
Static task
static1
Behavioral task
behavioral1
Sample
8ea3556813e7d871f37b1d3954c278a08da132f48f5d5c475c075415b9adba9f.exe
Resource
win7-20220311-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
8ea3556813e7d871f37b1d3954c278a08da132f48f5d5c475c075415b9adba9f.exe
Resource
win10v2004-20220310-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
8ea3556813e7d871f37b1d3954c278a08da132f48f5d5c475c075415b9adba9f.exe
-
Size
1.6MB
-
MD5
2418bc399c5e287e7c25c7c0d83a5c13
-
SHA1
a3e6d95474651b6ccd55cf125c898792507fc958
-
SHA256
8ea3556813e7d871f37b1d3954c278a08da132f48f5d5c475c075415b9adba9f
-
SHA512
cc548c5b2e1281185c53ee8d941f8e681cf9a3f11df20e7b1eb98ea07b1521b02677e7e4b7f8ae1dc6ffcdfc477ce7ba1c3e862c6a671a01e7dd147206dd19a2
Score
1/10
Malware Config
Signatures
-
Modifies data under HKEY_USERS 1 IoCs
description ioc Process Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections svchost.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\8ea3556813e7d871f37b1d3954c278a08da132f48f5d5c475c075415b9adba9f.exe"C:\Users\Admin\AppData\Local\Temp\8ea3556813e7d871f37b1d3954c278a08da132f48f5d5c475c075415b9adba9f.exe"1⤵PID:4480
-
C:\Windows\System32\svchost.exeC:\Windows\System32\svchost.exe -k netsvcs -p -s BITS1⤵
- Modifies data under HKEY_USERS
PID:2352