5a3dba66b69bb9680986d334b27e1e14a78b25314633b9fb68fd9a77c111c912

Analysis

max time kernel
145s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
29/06/2023, 09:12

Target

5a3dba66b69bb9680986d334b27e1e14a78b25314633b9fb68fd9a77c111c912.exe
Size

691KB
MD5

dc290aafa56cb5837e964b0d0c09bd82
SHA1

5308e053d072d9714cc775f7a57453d703bb3801
SHA256

5a3dba66b69bb9680986d334b27e1e14a78b25314633b9fb68fd9a77c111c912
SHA512

0f7cbc69c84a07c3050fc15d3945d71c69fe90c2944a33ee68d5ab0d27fc3bc7cf7f40af4be88a5fdf3baca79f752a908fe1295d67a3c63b95d27c51f1b90c0a
SSDEEP

6144:TkPpieNGsDLl3DTsObIVZoSVSiMBMFhjg9UIDHKC2lpMFgmcQrw5IEqAzHTEdWkj:T0g5+Lt81gkIEBE9wlC1

Score

5^/10

Drops file in System32 directory 8 IoCs

description	ioc	Process
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{BA1CF56D-FEAB-406B-81FF-3343CB64B28A}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{ACC61E99-21C7-45B6-9E28-41000A5F4F8F}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{5631E698-3450-400D-8A1F-B57D6B75BEF0}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{912FB219-50C7-4C66-BC0C-DD8C61181717}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{79BCCBD7-1400-45ED-954F-4FF6D64B7EBD}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{AC0BFE82-FAC7-4F6F-84FF-A32275C7DF6E}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{A1125EB4-9486-429E-BFEB-028D064EE92F}.catalogItem	svchost.exe
File created	C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{BF4CD385-1AFE-4524-A199-29667C8159AD}.catalogItem	svchost.exe

C:\Users\Admin\AppData\Local\Temp\5a3dba66b69bb9680986d334b27e1e14a78b25314633b9fb68fd9a77c111c912.exe
"C:\Users\Admin\AppData\Local\Temp\5a3dba66b69bb9680986d334b27e1e14a78b25314633b9fb68fd9a77c111c912.exe"
1⤵
PID:3316

C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k netsvcs -p
1⤵
- Drops file in System32 directory
PID:3184