b1068a56b6b4b89a7fca5c52456fe87fb537322aafdb7b6d2da670a013a664ca

Analysis

max time kernel
212s
max time network
240s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 07:17

Target

tmp.exe
Size

7.6MB
MD5

e34b9fd48580f3058b7fa27fde649181
SHA1

4200306b41be712f215feca2a4db6ecc4832371e
SHA256

b1068a56b6b4b89a7fca5c52456fe87fb537322aafdb7b6d2da670a013a664ca
SHA512

ac6c9e03fd51a92b5d6b0dbb23e76d5b32a074b35375004428cf4041edd97604dfc53cca8ddcfc52254e60c91a402ffd75e9996db87f7b6aedb825a09a9e9bbf
SSDEEP

98304:0hhf5NjU/XrszGlU20z6ssUH9wMgQxlL0kJDnU0KLtLro+vzWHFmaWvOz/NhPBAa:0hR8sEU20Ww6MxlXJDU0K5LrRvc2SvJf

Score

1^/10

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

tmp.exe

pid process

5108 tmp.exe

pid	process
5108	tmp.exe

C:\Users\Admin\AppData\Local\Temp\tmp.exe
"C:\Users\Admin\AppData\Local\Temp\tmp.exe"
1⤵
- Suspicious use of FindShellTrayWindow
PID:5108