6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da

Analysis

max time kernel
217s
max time network
336s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
01-12-2022 03:27

Target

6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe
Size

140KB
MD5

6634c9a7de636ee3adab811311e3155b
SHA1

20b3b477240c7633a1f69dfca835ea3d82f1fff4
SHA256

6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da
SHA512

d967968871a6cfd1b9ef74a9ba16616e17349c1cf09b1732128320973b7e8de51d3bae666d6888afccd1a99f38ede4efd8fce70124e2a29de99e07294e78e3ed
SSDEEP

3072:hpUF8fS/HRJ2BD1Li6y0SWMF/FvxxImNXwI0M6/:Xms5iLXWMFtvxxIghxQ

Score

1^/10

Modifies registry class 7 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\\shell\\raifu\\command	6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node	6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\raifu	6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\shell\\raifu	6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell	6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID	6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}	6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe

C:\Users\Admin\AppData\Local\Temp\6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe
"C:\Users\Admin\AppData\Local\Temp\6f9917f81b78bc3ce9e3620911679fff193b65b28da89357a4a4e33f4d2494da.exe"
1⤵
- Modifies registry class
PID:568