Resubmissions
31-03-2023 18:49
230331-xgmkhsce75 7
Analysis
max time kernel: 145s
max time network: 34s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 31-03-2023 18:49
Static task
static1
Behavioral task
behavioral1
Sample
OPEN_SETUP_FILE_KMS_PICO_FULL.exe
Resource
win7-20230220-en
windows7-x64
2 signatures
150 seconds
General
Target: OPEN_SETUP_FILE_KMS_PICO_FULL.exe
Size: 9.5MB
MD5: 40637b33eac9f79cdeb8df7975d80c85
SHA1: fb167f4a7c9cfbf14df59accea1961160871c729
SHA256: ec6a3b8ca35b6fe0c19c0421fe19f29fc8899d9b25d242f13be26fb08d9e2afe
SHA512: e83359d020e2c691ac1df6161948fc3b92b5869e7c29c083c43543c4fc882ceabdde8d1e02ea4abbfd61f80038f6b5ca8a9e6410b8199daf94ec24a83823e14a
SSDEEP: 196608:pxVQ9qHvHe98YVPEmzF/+Ek9amX46X8bViIJ+11R/c3CKS6:/VQ9qbYVMmt3C7X4NLOX/4CKl
Score
4/10
Malware Config
Signatures
Drops file in Program Files directory (2 IoCs)
Processes: OPEN_SETUP_FILE_KMS_PICO_FULL.exe
description: File opened for modification; ioc: C:\Program Files (x86)\manque1; process: OPEN_SETUP_FILE_KMS_PICO_FULL.exe
description: File created; ioc: C:\Program Files (x86)\manque1\__tmp_rar_sfx_access_check_7078997; process: OPEN_SETUP_FILE_KMS_PICO_FULL.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: OPEN_SETUP_FILE_KMS_PICO_FULL.exe
pid: 1516; process: OPEN_SETUP_FILE_KMS_PICO_FULL.exe