Analysis
max time kernel
148s
max time network
145s
platform
windows10-1703_x64
resource
win10-20231023-en
resource tags
arch:x64, arch:x86, image:win10-20231023-en, locale:en-us, os:windows10-1703-x64, system
submitted
05/12/2023, 21:14
Behavioral task
behavioral1
Sample
$R5S8JK8.exe
Resource
win7-20231023-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
$R5S8JK8.exe
Resource
win10-20231023-en
2 signatures
150 seconds
Behavioral task
behavioral3
Sample
$R5S8JK8.exe
Resource
win10v2004-20231127-en
2 signatures
150 seconds
General
Target
$R5S8JK8.exe
Size
481KB
MD5
b007bdd2709b4c8f53855ea34a1a2e4d
SHA1
625fde6d811494267e709f945c39e569a1f0d7f1
SHA256
1d6f6da9c17573fb0ecd777294181a20c7cdb5c077a648334873808c91887cb8
SHA512
e37fbb79c9f08d108eec8b14c581ca411e99c5412447ebe1e14395e0f45d683d5c998d653b9b52a50868a3a2ff2da657ae245fcec3c66164f10688e91a854a2d
SSDEEP
12288:yRXxReZj3WZfj/2eSseWFaIe2+f8CL47bs/ZiKEDU:yx7cyF2eSsewS8W47eZD
Score
1/10
Malware Config
Signatures
Suspicious use of FindShellTrayWindow 1 IoCs
pid Process
3364 $R5S8JK8.exe
Suspicious use of SendNotifyMessage 1 IoCs
pid Process
3364 $R5S8JK8.exe