Analysis
-
max time kernel
21s -
max time network
47s -
platform
windows7_x64 -
resource
win7-20220414-en -
submitted
24-05-2022 02:35
Static task
static1
Behavioral task
behavioral1
Sample
f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe
Resource
win10v2004-20220414-en
windows10-2004_x64
0 signatures
0 seconds
General
-
Target
f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe
-
Size
1.3MB
-
MD5
0e78000e437cd96f82bb5775d724eccc
-
SHA1
c8218b5fff41b832fd02022b894f16f35d848139
-
SHA256
f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae
-
SHA512
49fdd084367e4295c12d896f972b6b1a9a4393fc3ecfbcc28fb45209bb72156d1003f74babd1ecda6448caea8aaa5394e62b02f204292a185b346f24ab7a508f
Score
1/10
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 3 IoCs
Processes:
f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exepid process 2008 f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe 2008 f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe 2008 f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe -
Suspicious use of SendNotifyMessage 3 IoCs
Processes:
f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exepid process 2008 f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe 2008 f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe 2008 f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe"C:\Users\Admin\AppData\Local\Temp\f80bfb46b8ec5e2b7c7d2af9865af51e161dd4d4f96df47c9c85ca09779370ae.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2008