fffd0ce842766b55bd72a7860204106f5ced1ec176424db72d00347f1b83c4ea

Analysis

max time kernel
42s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
01/12/2022, 09:22

Target

fffd0ce842766b55bd72a7860204106f5ced1ec176424db72d00347f1b83c4ea.exe
Size

200KB
MD5

29b6ec9c7c4b3d81578c0579748001b7
SHA1

8568a9e1cbdf389fb307278088ed3f0269a341ad
SHA256

fffd0ce842766b55bd72a7860204106f5ced1ec176424db72d00347f1b83c4ea
SHA512

5a240a1b1e8b6ad4a474b22e3a0d7bd17c6ffed3e2d70e860ca2011be4a25dfd2a733be1c14529980970ad73ec41188a6677b06ab3536fd3ab6c936121dbbbe1
SSDEEP

3072:LFYZzOR43lGfMuTsPO7dXcYjwyhuuWQvKgTon861ocAF+kVF0Vv39:BYZOI43fO8mOJF6v

Score

8^/10

Executes dropped EXE 1 IoCs

pid	Process
1796	monilor.exe

Drops file in System32 directory 3 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\sLT.exf	monilor.exe
File created	C:\Windows\SysWOW64\monilor.exe	fffd0ce842766b55bd72a7860204106f5ced1ec176424db72d00347f1b83c4ea.exe
File opened for modification	C:\Windows\SysWOW64\monilor.exe	fffd0ce842766b55bd72a7860204106f5ced1ec176424db72d00347f1b83c4ea.exe

C:\Users\Admin\AppData\Local\Temp\fffd0ce842766b55bd72a7860204106f5ced1ec176424db72d00347f1b83c4ea.exe
"C:\Users\Admin\AppData\Local\Temp\fffd0ce842766b55bd72a7860204106f5ced1ec176424db72d00347f1b83c4ea.exe"
1⤵
- Drops file in System32 directory
PID:1776

C:\Windows\SysWOW64\monilor.exe

Filesize
200KB

MD5
29b6ec9c7c4b3d81578c0579748001b7

SHA1
8568a9e1cbdf389fb307278088ed3f0269a341ad

SHA256
fffd0ce842766b55bd72a7860204106f5ced1ec176424db72d00347f1b83c4ea

SHA512
5a240a1b1e8b6ad4a474b22e3a0d7bd17c6ffed3e2d70e860ca2011be4a25dfd2a733be1c14529980970ad73ec41188a6677b06ab3536fd3ab6c936121dbbbe1

Download Submit
memory/1776-54-0x0000000075DF1000-0x0000000075DF3000-memory.dmp

Filesize
8KB

Download