795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef

Analysis

max time kernel
90s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
29-10-2022 22:27

Target

795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe
Size

180KB
MD5

48321e92b7c32cfa3559d3cb04f9afd1
SHA1

126f6cad5e34b2c1a520d20d6a4bf2181c781649
SHA256

795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef
SHA512

6a5a581468ef287275f79137c5ee1ebb8f7488681d226beca343617e529cb173c4299e1d3f71a503a28318d3a5c8c4b3d207968e1de2a13f336194ba7dbe7aee
SSDEEP

3072:g+58nJYDV1YVE6EiCEHMZVafOw95pEcvJoCkFVcTsuZfJ:g+/DV6dCEHOafOwpEcv2CqCwuZR

Score

1^/10

Modifies registry class 7 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}	795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\\shell\\tuibk\\command	795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node	795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\tuibk	795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\shell\\tuibk	795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell	795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID	795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe

C:\Users\Admin\AppData\Local\Temp\795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe
"C:\Users\Admin\AppData\Local\Temp\795dce81f759c0a0ab92e4239b596063fdbbe568133aaad495a691d6bbf036ef.exe"
1⤵
- Modifies registry class
PID:2288