fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0

Analysis

max time kernel
43s
max time network
51s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 11:07

Target

fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0.exe
Size

1.7MB
MD5

ec46d3e505306592138a30851ddeb3ba
SHA1

90a56e7f0f32feeab9f4e088e4cd6bbb6fba455a
SHA256

fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0
SHA512

aea4d8a9a03c642e3a0ad5e68d998a8a1ef8c350ba4ff60b6e283b6b3ec6f84fa6b8cf2eed720d985feebff56350272c6f88a1832b16c1f8fdf6f593bd9cd7f8
SSDEEP

24576:cW9Ss3ygbaprqDoXFIRuxUjBl1XB/rcie99wMAkAlLv5bm6R0bCKZmoJnu:cW9bygbY2DTVjBl1tOHjhAlLDRYgEu

Score

5^/10

Drops file in System32 directory 3 IoCs

Processes:

fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0.exe

description	ioc	process
File created	C:\WINDOWS\SysWOW64\__tmp_rar_sfx_access_check_7081805	fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0.exe
File created	C:\WINDOWS\SysWOW64\GbpDistn.dll	fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0.exe
File opened for modification	C:\WINDOWS\SysWOW64\GbpDistn.dll	fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0.exe

C:\Users\Admin\AppData\Local\Temp\fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0.exe
"C:\Users\Admin\AppData\Local\Temp\fddedbb80e3c894b500912128b3632dc6cd3b6fa46466203e86a981126260eb0.exe"
1⤵
- Drops file in System32 directory
PID:1092

memory/1092-54-0x0000000074C91000-0x0000000074C93000-memory.dmp

Filesize
8KB

Download