11bd35c17825bf9802d3546c4e7f609cac2f29b17fc4abd9d88872d9ee3529aa

Analysis

max time kernel
146s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 11:43

Target

6bba4c7ee24d3619bb8ab3045a15740c.exe
Size

224KB
MD5

6bba4c7ee24d3619bb8ab3045a15740c
SHA1

2cb46da72800801bcb1840237c64e5f6f6c8e4c1
SHA256

11bd35c17825bf9802d3546c4e7f609cac2f29b17fc4abd9d88872d9ee3529aa
SHA512

1fef85f8102a6c5ea6d19a07298987aa27c5fb4e82794c264f2f5aa2d9f5c2bb326726bafed28af0e3c1a5da53b39cabbaebfd2c99aa52f56f0fe21b9cf970f0
SSDEEP

3072:LZX5M5sCzW7m9/JFdQdz/EyBASrEpduhxDT9TA8nZXip0uFDce+0hEBpVOy:LZC57h9/gz/hBbrE2hx5A8Zi0agwydOy

Score

4^/10

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\TravelOrganizer.job	6bba4c7ee24d3619bb8ab3045a15740c.exe

C:\Users\Admin\AppData\Local\Temp\6bba4c7ee24d3619bb8ab3045a15740c.exe
"C:\Users\Admin\AppData\Local\Temp\6bba4c7ee24d3619bb8ab3045a15740c.exe"
1⤵
- Drops file in Windows directory
PID:2644

memory/2644-4-0x0000000000FE0000-0x0000000000FE1000-memory.dmp

Filesize
4KB

Download
memory/2644-5-0x00000000016B0000-0x00000000016D0000-memory.dmp

Filesize
128KB

Download
memory/2644-10-0x00000000016B0000-0x00000000016D0000-memory.dmp

Filesize
128KB

Download
memory/2644-6-0x00000000028A0000-0x00000000028CF000-memory.dmp

Filesize
188KB

Download
memory/2644-3-0x0000000000FF0000-0x0000000000FF1000-memory.dmp

Filesize
4KB

Download
memory/2644-18-0x00000000016B0000-0x00000000016D0000-memory.dmp

Filesize
128KB

Download
memory/2644-2-0x0000000000FD0000-0x0000000000FD1000-memory.dmp

Filesize
4KB

Download
memory/2644-1-0x0000000000FC0000-0x0000000000FC1000-memory.dmp

Filesize
4KB

Download
memory/2644-0-0x0000000000FB0000-0x0000000000FB1000-memory.dmp

Filesize
4KB

Download