Analysis
-
max time kernel
287s -
max time network
318s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
submitted
25-11-2022 12:41
Static task
static1
Behavioral task
behavioral1
Sample
bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe
Resource
win10v2004-20221111-en
General
-
Target
bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe
-
Size
977KB
-
MD5
73bfe4145034eeb9da2fa0ef8c8a31f3
-
SHA1
cdbaa17503b5cafdb6aadbd71b6113126d4ca4d5
-
SHA256
bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88
-
SHA512
364e451f45ade852384905575e2ce1184dde10dc04e2875a5d39c031b8e9180c406af1d03874f147786bc2da7c2ce6ad9979cf9929c3dd0ef76a0ad9098f310f
-
SSDEEP
12288:Itb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgaCgdq8pq+c26A:Itb20pkaCqT5TBWgNQ7aW8pzc26A
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 43 IoCs
Processes:
bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exepid process 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 
bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe -
Suspicious use of SendNotifyMessage 43 IoCs
Processes:
bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exepid process 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 
bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe 3364 bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe
"C:\Users\Admin\AppData\Local\Temp\bb089fc3d7ef9cdd7e0034f8d391607ea5a19108aaf3566842c1910da2ffad88.exe"
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:3364