Analysis
-
max time kernel
90s -
max time network
136s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
05-10-2022 09:15
General
-
Target
TeleportUltraPortable/App/Teleport Ultra/scheduler.exe
-
Size
320KB
-
MD5
886b390fcc2578e9f68c987d145d8516
-
SHA1
a8cee48d09fe6430b84ea2a71a9e4527ebf389f8
-
SHA256
4cc1d94ab7eae85264501de09f596d603905ea714d9ee5a6e087efb3deae5105
-
SHA512
26aff2983a7782bc3e5e89394a0b0d6c10aac259a1e6ec027749867ad67edb13ba0070fd24aa0f80088a117f030748297d5565809d5cbea85f53b194eb927750
-
SSDEEP
6144:hQZrIbcpKjcOaHz8sEMWyObNhmJd/Dl6yo:hQJWmKjqz8uWychmJdLlD
Score
1/10
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of SendNotifyMessage 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\TeleportUltraPortable\App\Teleport Ultra\scheduler.exe"C:\Users\Admin\AppData\Local\Temp\TeleportUltraPortable\App\Teleport Ultra\scheduler.exe"1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage