74d70b7f25bbf1577bd92ba1db9925248699ee33436da8c337003d2fa4b5f7a8

Analysis

max time kernel
141s
max time network
128s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
13-10-2023 20:24

Target

NEAS.5998f465311c91bc4d8ea84738159c50.exe
Size

913KB
MD5

5998f465311c91bc4d8ea84738159c50
SHA1

c0f757e89924ba9a657bcc3718ae73c5af985eef
SHA256

74d70b7f25bbf1577bd92ba1db9925248699ee33436da8c337003d2fa4b5f7a8
SHA512

64904551e8a2c6162b7fb004f8d01ff04f9bfc8214e84e46eeb748a24b8c0fcbe02467d1944ee42eaa24f187ca37421992fe37af8118230e2d18e08503a60a91
SSDEEP

12288:YubUPgDU6eRXeto4aQLJMCyUoO29CxIKRnBGQUMPvQV7DfjcMj7io8xyLW:YubNqXeto4ap1teWMm7/Jj7iHyLW

Score

1^/10

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\Software\Classes\4LF	NEAS.5998f465311c91bc4d8ea84738159c50.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Classes\4LF\InitFlags = 0000000000000000000000000000000001000000e7070a0005000d00170015000d006c0200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000	NEAS.5998f465311c91bc4d8ea84738159c50.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2272	NEAS.5998f465311c91bc4d8ea84738159c50.exe

memory/2272-0-0x00000000003B0000-0x00000000003B1000-memory.dmp

Filesize
4KB

Download
memory/2272-1-0x0000000000400000-0x00000000004EE000-memory.dmp

Filesize
952KB

Download
memory/2272-2-0x00000000003B0000-0x00000000003B1000-memory.dmp

Filesize
4KB

Download
memory/2272-5-0x0000000000400000-0x00000000004EE000-memory.dmp

Filesize
952KB

Download
memory/2272-8-0x0000000000400000-0x00000000004EE000-memory.dmp

Filesize
952KB

Download
memory/2272-11-0x0000000000400000-0x00000000004EE000-memory.dmp

Filesize
952KB

Download
memory/2272-14-0x0000000000400000-0x00000000004EE000-memory.dmp

Filesize
952KB

Download