58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22

Analysis

max time kernel
111s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
19/10/2022, 20:11

Target

58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22.exe
Size

107KB
MD5

91cb9319aadcf795ad0901a9ba19cf50
SHA1

8acab8907a229304bf9f09f0a8ad74a8969045df
SHA256

58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22
SHA512

de174c53a16e5b75631a3e1bf24f36cb95ab94b9c5d186661b1a52279da908a2c627fa861c639fdaf3d56b8caf3922e5dcfef7157a123657d01b9d08cf1a2cb1
SSDEEP

1536:ZapS37SJaEBS6dLTJrqCjTjA91wVkOkCcSpjVrs2ryrd1vUQuqQGFNiNwc+c:4pEQRz/mCs91wJVHs2quGf9

Score

4^/10

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Program Files\ExitPush.shtml	58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22.exe
File opened for modification	C:\Program Files\Java\jdk1.8.0_66\db\README-JDK.html	58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22.exe

Modifies registry class 4 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4414B11A-49AC-E82A-46B4-B6852A448CFF}	58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4414B11A-49AC-E82A-46B4-B6852A448CFF}\ = "elesxbtesrwtskth"	58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4414B11A-49AC-E82A-46B4-B6852A448CFF}\LocalServer32	58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4414B11A-49AC-E82A-46B4-B6852A448CFF}\LocalServer32\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22.exe"	58f18fecd061b8596e08c155fa1b3989a6c6c88853c2d71e1a6e975d65914e22.exe

memory/4840-132-0x0000000000400000-0x0000000000432000-memory.dmp

Filesize
200KB

Download
memory/4840-133-0x0000000000440000-0x000000000045E000-memory.dmp

Filesize
120KB

Download
memory/4840-134-0x0000000000440000-0x000000000045E000-memory.dmp

Filesize
120KB

Download
memory/4840-135-0x0000000000400000-0x0000000000432000-memory.dmp

Filesize
200KB

Download
memory/4840-136-0x0000000000440000-0x000000000045E000-memory.dmp

Filesize
120KB

Download