Analysis
max time kernel: 177s
max time network: 32s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 26-12-2023 14:10
Behavioral task: behavioral1
Sample: 749d73f7185f1ad512a72c91a58af31f.exe
Resource: win7-20231215-en, windows7-x64
3 signatures
150 seconds
Behavioral task: behavioral2
Sample: 749d73f7185f1ad512a72c91a58af31f.exe
Resource: win10v2004-20231215-en, windows10-2004-x64
3 signatures
150 seconds
General
Target: 749d73f7185f1ad512a72c91a58af31f.exe
Size: 356KB
MD5: 749d73f7185f1ad512a72c91a58af31f
SHA1: 0c96c4963f84312fc2e587eea90ba8c7fa7c29ec
SHA256: 03ffd42c2de8c8257cbd038d772d0135ba9b43d74462d070efe3fd94c90ddeaf
SHA512: 2575c5c25b6b2a545a2180fcaa48236eac6bce2ce836a7518efcc98b421a6ec85c13154ffb70a00619b74e0bba94696fb6fe3f5a1b103fc10e5b96622de8c179
SSDEEP: 6144:pQg6R6F9j4z7WHf09RbMOs02+NfOV9ddrFm6MzvWyh4Vv9276FENEFgl77:ug6ZzS89qODdG9ddrIOyKL27mENEu1
Score: 7/10
Malware Config
Signatures
resource yara_rule
behavioral1/memory/2860-0-0x0000000000400000-0x00000000004DC000-memory.dmp upx
behavioral1/memory/2860-2-0x0000000000400000-0x00000000004DC000-memory.dmp upx
Suspicious use of FindShellTrayWindow (2 IoCs)
pid Process
2860 749d73f7185f1ad512a72c91a58af31f.exe
2860 749d73f7185f1ad512a72c91a58af31f.exe
Suspicious use of SendNotifyMessage (2 IoCs)
pid Process
2860 749d73f7185f1ad512a72c91a58af31f.exe
2860 749d73f7185f1ad512a72c91a58af31f.exe