12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
16/08/2023, 10:17

Target

12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe
Size

2.9MB
MD5

862dfba38258601a001f0473aa14f687
SHA1

f7b1f946fb7f25491a035bad2d042ae39e820f99
SHA256

12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b
SHA512

2c7a9b2d1d9c19fdffd15dd020f90b094e28c788bf68ecf5dc63e83b7e32dc62477b524f96de2a3648cb3c8cbab65e6ebe2c5263e735559348ec7753fc7a880c
SSDEEP

49152:N5YQm5dPDv06JzNeTEzQ4lqsabcs2dhKSs0lAfk2W92TzNOV7S3lcCVlKcTdMQtB:XYQm5drv0pRoH/H80lAfk2o2TzNOF+lv

Score

1^/10

Modifies registry class 7 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6E3AF66D-9A24-48db-8670-B13CB4E79FBB}\MiscStatus\1	12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node	12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID	12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6E3AF66D-9A24-48db-8670-B13CB4E79FBB}	12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6E3AF66D-9A24-48db-8670-B13CB4E79FBB}\MiscStatus	12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6E3AF66D-9A24-48db-8670-B13CB4E79FBB}\MiscStatus\1\TRCU = "1694859463"	12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6E3AF66D-9A24-48db-8670-B13CB4E79FBB}\MiscStatus\1\LUCU = "1692181063"	12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2528	12ac80118255805874d0236a8d8ccc9baf62da104e0cd689811ca3ebf3ee162b.exe

C:\Users\Admin\AppData\Local\Temp\Log.log

Filesize
415B

MD5
26f1b472f3aa25a8aef803933ed22e96

SHA1
313eb2b5c5717c8c68123e3c5f7bad3a0d4fc421

SHA256
c85b7cea8f17eb48888766780cec8ceb284189b86bb52734dadf9df279ec9ef4

SHA512
e2de9da6e53159dac51fe18a6863dd0118c9840f3899ed9e95273771e72ad5fe2fffdc1310780a2350ecfe5606085c7f9902842d598e4c1c587dd83eaec464ba

Download Submit
C:\Users\Admin\AppData\Local\Temp\Log.log

Filesize
746B

MD5
ada56e2c5526495571c30759ae121298

SHA1
588e18514388e063c7ead94265dc2eb420a55fac

SHA256
f686f34bc369b36d55893b623de205483800ab9c2090787f0ffcd77270fe6385

SHA512
152bca3377b7150b0e9d4aef9b45afcd242a386dc3ab01c1143dfe9c5cce5771f2a161160a80bda163b989ac3ab0ab8c256ba98e8754913cae9c7f2b99763683

Download Submit