4fd30c8457613f08034a3bcb0fcda12b55fea328867b1629b076c5b36b40e3fa

Analysis

max time kernel
135s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
13/06/2023, 19:41

Target

ERPOpenAPIConfig.exe
Size

191KB
MD5

f36714a0e43b2da9e53adc2a92ce3c63
SHA1

a270e0ff2d29b46b99b24e9272ae718d8c53fcca
SHA256

4fd30c8457613f08034a3bcb0fcda12b55fea328867b1629b076c5b36b40e3fa
SHA512

9501f2fb169f6364df582c47f9df5c4a67a95812fbbb9cf927da6258ef020b78bd215d45145808d447ac34cf70179ae78c061bf2d4b6109005d8665c47807dd9
SSDEEP

3072:M1kIHxH3g7/UTauTDPrWb9268GOM8uBqXUrOzRgfCwVf46CVVVVVV:MjdJlGOlDUWwCIIVVVVVV

Score

1^/10

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4876	ERPOpenAPIConfig.exe

C:\Users\Admin\AppData\Local\Temp\ERPOpenAPIConfig.exe
"C:\Users\Admin\AppData\Local\Temp\ERPOpenAPIConfig.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:4876

memory/4876-133-0x0000000000900000-0x0000000000936000-memory.dmp

Filesize
216KB

Download
memory/4876-134-0x0000000002AE0000-0x0000000002AF0000-memory.dmp

Filesize
64KB

Download
memory/4876-135-0x0000000002AE0000-0x0000000002AF0000-memory.dmp

Filesize
64KB

Download
memory/4876-136-0x0000000002AE0000-0x0000000002AF0000-memory.dmp

Filesize
64KB

Download
memory/4876-137-0x0000000002AE0000-0x0000000002AF0000-memory.dmp

Filesize
64KB

Download
memory/4876-138-0x0000000002AE0000-0x0000000002AF0000-memory.dmp

Filesize
64KB

Download
memory/4876-139-0x0000000002AE0000-0x0000000002AF0000-memory.dmp

Filesize
64KB

Download