41e15fdab9ff3b77024667810ddebe6c257cfd795fbeb359b0243b637263a4c7

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 20:01

Target

39eb926fb32d1c5fc653af9f8a67f42f.exe
Size

563KB
MD5

39eb926fb32d1c5fc653af9f8a67f42f
SHA1

5d0db447169202a86e62ecf1b47542c0977c8612
SHA256

41e15fdab9ff3b77024667810ddebe6c257cfd795fbeb359b0243b637263a4c7
SHA512

5b067b645f44bed0b7410c515e28fd489d53cb5d38b78bf0c1174313ad007cfd44c6fa280bdbe4a0dbe90af66a8c7f907a218f2585925e34f2c95971f00c24d7
SSDEEP

12288:Kt+oh+IyU4Fpph8b8sz3PZI+NDkHDrX6/Q:Kku74F98vzfZjNDkjr6/

Score

5^/10

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\8FgiaTi1.dll	39eb926fb32d1c5fc653af9f8a67f42f.exe
File opened for modification	C:\Windows\SysWOW64\8FgiaTi1.dll	39eb926fb32d1c5fc653af9f8a67f42f.exe

Modifies registry class 6 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shell	39eb926fb32d1c5fc653af9f8a67f42f.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shell\open	39eb926fb32d1c5fc653af9f8a67f42f.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\39eb926fb32d1c5fc653af9f8a67f42f.exe \"%1\""	39eb926fb32d1c5fc653af9f8a67f42f.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shell\ = "open"	39eb926fb32d1c5fc653af9f8a67f42f.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive\shell\open\command	39eb926fb32d1c5fc653af9f8a67f42f.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\Drive	39eb926fb32d1c5fc653af9f8a67f42f.exe

memory/2256-0-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/2256-80-0x0000000000400000-0x0000000000492000-memory.dmp

Filesize
584KB

Download
memory/2256-81-0x0000000000400000-0x0000000000492000-memory.dmp

Filesize
584KB

Download
memory/2256-82-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/2256-83-0x0000000000400000-0x0000000000492000-memory.dmp

Filesize
584KB

Download