3c2c79738c6eea93535057a49c8f7d2236fc4866e1a2ab97c4f8ba0b7723ce4f

Analysis

max time kernel
142s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
07/07/2023, 15:02

Target

LeoMoon CPU-V.exe
Size

1.5MB
MD5

af757df1cf001bb6dabc6f50761df70c
SHA1

d2eb3bd455df43503dbef2728dab9861c4dabfdc
SHA256

3c2c79738c6eea93535057a49c8f7d2236fc4866e1a2ab97c4f8ba0b7723ce4f
SHA512

c66879f92ea9797057c57998e55c05ab05ccf0c35d460c030e1c16af5c24156fa81ccce8a0636c54723e797d8cc68c1a351aaaa6518aea5ffb7863c0c64e3ff4
SSDEEP

49152:7TvC/MTQYxsWR7a5/Z7mL9msPkNqbAMMMg:vjTQYxsWRCmnknMMMg

Score

1^/10

NTFS ADS 1 IoCs

description	ioc	Process
File opened for modification	C:\Users\Admin\AppData\Local\Temp\winmgmts:{impersonationLevel=Impersonate}!\root\cimv2	LeoMoon CPU-V.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
3720	LeoMoon CPU-V.exe

C:\Users\Admin\AppData\Local\Temp\CPU-V.dll

Filesize
84KB

MD5
c324caacf1859269a6d0e7465644891d

SHA1
3b962eeebdcad3f99d1d74d417186b9e24417d84

SHA256
62cce2c15b1b06e3f7cc89c6707b437b010163d93ece7d40c349103d097987fb

SHA512
51a631092201de03e144e9a7112ae0af095379c9139fc309a043f8b71e593453230ba75d2089be82c59e5a62d353b0dc2294d850d42645d398e9e6ac08c238d7

Download Submit
C:\Users\Admin\AppData\Local\Temp\CPU-V.ini

Filesize
11KB

MD5
71aeb97dda8b98fb3dd0eccde3610b73

SHA1
48dbad3303ffc7814a8e1c5962f3058f0b298257

SHA256
ba2267e8aa29108d63fd826e1fd3481bf905b4f1ec6f5de87ecce49378f8dc5b

SHA512
317ff8c725a72ed8d9f065b8e78c62193bae3a66d4ac8f7e163f04fb5b26ce98b6343639dd5d91481a9f44fdc49ea350baf7947858425b250c18a4d00c59b3fe

Download Submit
memory/3720-168-0x0000000002920000-0x0000000002921000-memory.dmp

Filesize
4KB

Download