9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b

Analysis

max time kernel
118s
max time network
123s
platform
windows7_x64
resource
win7-20231023-en
resource tags

arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
submitted
23/11/2023, 23:12

Target

9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b.exe
Size

3.8MB
MD5

0c02b8c649e9cae3badb48dd567ca141
SHA1

0829a8aebea98df21d9b0b0e1009333d6ed76136
SHA256

9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b
SHA512

e6423183806b352761df8e7908ac0caef67e02aa9d1b83298b2a9d293a27c8046a6b654449c5c9f35ea5c350f40040c3527d16391545bf2fb233fabb37a34c96
SSDEEP

98304:P9vmVqrGCxqFx495Tc5u8ZeILALlfgpLDGg8hhVaokO:PRmQrSx4auSDLAxgJDGgroV

Score

1^/10

Runs .reg file with regedit 1 IoCs

pid	Process
2616	regedit.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2772	9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2772 wrote to memory of 2616	2772	9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b.exe	28
PID 2772 wrote to memory of 2616	2772	9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b.exe	28
PID 2772 wrote to memory of 2616	2772	9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b.exe	28
PID 2772 wrote to memory of 2616	2772	9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b.exe	28

C:\Users\Admin\AppData\Local\Temp\9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b.exe
"C:\Users\Admin\AppData\Local\Temp\9cee0b7b85e08f96545e459f1d5cc3f21b274d85fbf99c11aa9529a332ce5f4b.exe"
1⤵
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:2772
- C:\Windows\SysWOW64\regedit.exe
  regedit /s C:\Users\Admin\AppData\Local\Temp\GoodZip-22357-Regedit.reg GoodZip-22357-Regedit.reg
  2⤵
  - Runs .reg file with regedit
  PID:2616

C:\Users\Admin\AppData\Local\Temp\GoodZip-22357-Regedit.reg

Filesize
78B

MD5
f9a7373b8c743305fee99680bd02a7db

SHA1
17e28906afc3a95cd1332f74ee4a88f1ab1da9d0

SHA256
132d7079a95b9965f8dfd6dc070c2601f715219d1bccca0b1323ad2a8edd8e00

SHA512
8eeed4e0422d15426ce3b222051481abcc86a082fc387f3f89de45c2e2a3005112e1c4fe0bed4251ed0faebf238fdda3834ab893cf4ef41c7e958055ddbdfda4

Download Submit