6bb1564eca89071edd9c42b84481aed5f3f5aaccedb8f61d6fb892b7f08bdca7

Analysis

max time kernel
41s
max time network
44s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
18-11-2022 06:39

Target

2f8df206ba700503dbebf59e937af0ec.exe
Size

1.1MB
MD5

2f8df206ba700503dbebf59e937af0ec
SHA1

7c36d57af94f2dd16a62c09356b4ef2c63e456fd
SHA256

6bb1564eca89071edd9c42b84481aed5f3f5aaccedb8f61d6fb892b7f08bdca7
SHA512

6fbb58b3e3046498c64ad659db07ecd28357c54d65d2f1cf00220ce1bbd4fa4693dbe2c0df607a801f5cf6757bd5327735448c3babecb997ec85e88049275a59
SSDEEP

24576:+JqzI2HEUvWMJsbHsoO0YTyllU3OWuA5aRn:+JrbG70Y4WFZ8Rn

Score

1^/10

Suspicious behavior: EnumeratesProcesses 5 IoCs

Processes:

2f8df206ba700503dbebf59e937af0ec.exe

C:\Users\Admin\AppData\Local\Temp\2f8df206ba700503dbebf59e937af0ec.exe
"C:\Users\Admin\AppData\Local\Temp\2f8df206ba700503dbebf59e937af0ec.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1348

memory/1348-54-0x0000000002090000-0x00000000024FC000-memory.dmp

Filesize
4.4MB

Download
memory/1348-55-0x0000000002090000-0x00000000024FC000-memory.dmp

Filesize
4.4MB

Download
memory/1348-56-0x0000000000520000-0x00000000005FE000-memory.dmp

Filesize
888KB

Download
memory/1348-57-0x00000000750A1000-0x00000000750A3000-memory.dmp

Filesize
8KB

Download
memory/1348-58-0x000000000B340000-0x000000000B3A9000-memory.dmp

Filesize
420KB

Download
memory/1348-59-0x0000000000520000-0x00000000005FE000-memory.dmp

Filesize
888KB

Download
memory/1348-60-0x000000000B340000-0x000000000B3A9000-memory.dmp

Filesize
420KB

Download
memory/1348-61-0x0000000000520000-0x00000000005FE000-memory.dmp

Filesize
888KB

Download