8ff8e6684387cd833527e9728d69cdcdcbd1c409c6e0d9e435e021a78d1f3736

Analysis

max time kernel
68s
max time network
120s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
03-12-2022 20:58

Target

8ff8e6684387cd833527e9728d69cdcdcbd1c409c6e0d9e435e021a78d1f3736.exe
Size

190KB
MD5

8ef81c33aa3d4b244bbbec6f88c82b03
SHA1

f32fb961ab232e748f9f2b1c152643c8cb2e5ffe
SHA256

8ff8e6684387cd833527e9728d69cdcdcbd1c409c6e0d9e435e021a78d1f3736
SHA512

80dff74ce3d48e257996f54c1f786bbbb16455b5594403a3f115c5a887e029f20a248e735e7f0c2d89af4156e92fad318a50f83adde66117937773106c0b7106
SSDEEP

3072:JqdFy78eBqpxcsRjMNlazKEoEjWiovE5ZOnMp9QqhRI+k+K1WhK99:EdWAp+QyiSE5ZOnMp9phRX+4

Score

8^/10

Drops file in Drivers directory 2 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\svchosts.exe	8ff8e6684387cd833527e9728d69cdcdcbd1c409c6e0d9e435e021a78d1f3736.exe
File opened for modification	C:\Windows\SysWOW64\drivers\svchosts.exe	8ff8e6684387cd833527e9728d69cdcdcbd1c409c6e0d9e435e021a78d1f3736.exe

Executes dropped EXE 1 IoCs

pid	Process
1816	svchosts.exe

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\sLT.exf	svchosts.exe

C:\Users\Admin\AppData\Local\Temp\8ff8e6684387cd833527e9728d69cdcdcbd1c409c6e0d9e435e021a78d1f3736.exe
"C:\Users\Admin\AppData\Local\Temp\8ff8e6684387cd833527e9728d69cdcdcbd1c409c6e0d9e435e021a78d1f3736.exe"
1⤵
- Drops file in Drivers directory
PID:1844

C:\Windows\SysWOW64\drivers\svchosts.exe

Filesize
190KB

MD5
8ef81c33aa3d4b244bbbec6f88c82b03

SHA1
f32fb961ab232e748f9f2b1c152643c8cb2e5ffe

SHA256
8ff8e6684387cd833527e9728d69cdcdcbd1c409c6e0d9e435e021a78d1f3736

SHA512
80dff74ce3d48e257996f54c1f786bbbb16455b5594403a3f115c5a887e029f20a248e735e7f0c2d89af4156e92fad318a50f83adde66117937773106c0b7106

Download Submit
memory/1844-54-0x0000000075D01000-0x0000000075D03000-memory.dmp

Filesize
8KB

Download