ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5

Analysis

max time kernel
44s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
01/10/2022, 21:57

Target

ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5.exe
Size

41KB
MD5

052817a6d24a4515a4c2eb8a065c96e0
SHA1

0e315c57dd1c2b73a997d48bc523947b867c63be
SHA256

ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5
SHA512

dc43c2d9cbfbe250870d7d61f7a80ca83bf4a63cce88870779cdaa0742e167557af6826c3806c0272508bda692570565eb750afead99839148f04d0f8a6ee4e1
SSDEEP

768:X5DZ2h94FnpQPn4NSmRFm3qtWiUCb+BHPSNJCTGriVVBonMcFqed6tIDsox:np64jg6tWiUCbnN1GzonMcFR66D

Score

5^/10

Drops file in System32 directory 5 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\tmp	ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5.exe
File created	C:\Windows\SysWOW64\tmp	ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5.exe
File created	C:\Windows\SysWOW64\WmInit.dat	ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5.exe
File opened for modification	C:\Windows\SysWOW64\WmInit.exe	ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5.exe
File created	C:\Windows\SysWOW64\WmInit.exe	ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5.exe

C:\Users\Admin\AppData\Local\Temp\ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5.exe
"C:\Users\Admin\AppData\Local\Temp\ff48f0ab62faa98ce8d8ec4e3afcf42632982001916d37045b32eb87dc26dad5.exe"
1⤵
- Drops file in System32 directory
PID:620

memory/620-54-0x0000000000400000-0x000000000050A000-memory.dmp

Filesize
1.0MB

Download
memory/620-55-0x0000000000400000-0x000000000050A000-memory.dmp

Filesize
1.0MB

Download