e5d04853d987aaf6e91c6b9cf448d26ba87320896075929e2fb3c6fa84f07c45 | Triage

Analysis

max time kernel
11s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
15/09/2022, 06:02

Sharing

Reason

platform exec: image=C:\Users\Admin\AppData\Local\Temp\SnippingTool.exe command="C:\Users\Admin\AppData\Local\Temp\SnippingTool.exe" wdir=C:\Users\Admin\AppData\Local\Temp Payload error: %1 is not a valid Win32 application.

Report Analysis Logs

General

Target

SnippingTool.exe
Size

3.2MB
MD5

b7b2f164769c738d5cb30a418eeae8b2
SHA1

7af2e12d6d0283886f90f22d3ac7d8a9677ce0a9
SHA256

9f769e52ac15ae1d0b6a3da293f612ac24303882b1d49ef7a5105ed1b24210d3
SHA512

24921344e215e1bc197cfe8bd0e163a295cb000a6d5ec03c67cd261aac436a7e200cfda9b4d55e6dd95e3dc3efeebe17a3a87cc8556e8d714d7c2823631c7f8a
SSDEEP

98304:MYFlxL4TsqaA2SRmXUrymuXB2rmaOOaCa2PKCZZNRwtPV3Oy:MYFvDqaA2SRmXUrymuXB2rmaOOaCa2Po

Score

1^/10

Malware Config

Signatures

C:\Users\Admin\AppData\Local\Temp\SnippingTool.exe
"C:\Users\Admin\AppData\Local\Temp\SnippingTool.exe"
1⤵
PID:1188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads