2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884

Analysis

max time kernel
91s
max time network
105s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
15-10-2022 19:37

Target

2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884.exe
Size

481KB
MD5

64f8ab7f01f58075936cecb8f48ec10e
SHA1

4b09aef19ef855b03a51cb1d0d8d1ce6895d4246
SHA256

2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884
SHA512

cfdad04d46e0728ac1ced12b0c11f7181ba5ef6c623f359677ae8b3180ec6db5c563431e6e99aaf0bee11f3b87d0bfbc102042269e4997eca93d0d4dd8944c3f
SSDEEP

12288:3n6wWgwP5Z7NgLvq6IpkAsEiyqLLUfhRTVR+WHH:3nNWNP2LQp1s3LL8n

Score

1^/10

Modifies registry class 5 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2891029575-1462575-1165213807-1000_Classes\WOW6432Node\CLSID\{B759E5BB-901C-4ddb-A41A-A9544FC3A6E2}	2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2891029575-1462575-1165213807-1000_Classes\WOW6432Node\CLSID\{B759E5BB-901C-4ddb-A41A-A9544FC3A6E2}\DefaultIcon\ = "C:\\WINNT\\EXPLORER.EXE,0"	2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884.exe
Key created	\REGISTRY\USER\S-1-5-21-2891029575-1462575-1165213807-1000_Classes\WOW6432Node\CLSID\{B759E5BB-901C-4ddb-A41A-A9544FC3A6E2}\DefaultIcon	2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884.exe
Key created	\REGISTRY\USER\S-1-5-21-2891029575-1462575-1165213807-1000_Classes\WOW6432Node	2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884.exe
Key created	\REGISTRY\USER\S-1-5-21-2891029575-1462575-1165213807-1000_Classes\WOW6432Node\CLSID	2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
5060	2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884.exe
5060	2d7317e89b306e3544711b6c04e20da74589c723107695313a53650de7c09884.exe

memory/5060-132-0x0000000000400000-0x000000000070A000-memory.dmp

Filesize
3.0MB

Download
memory/5060-133-0x0000000000400000-0x000000000070A000-memory.dmp

Filesize
3.0MB

Download