230cb1abdfc09d6d0dae131ab2a2201d3a641cdcd6dd86fc588d0bc6026e45a1

Analysis

max time kernel
170s
max time network
180s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
28-12-2023 20:26

Target

f5d6953228c5ea7a808a3d81fae08837.exe
Size

228KB
MD5

f5d6953228c5ea7a808a3d81fae08837
SHA1

38a6339aa2d8e1e7a42fc45ce69d5dd84e9a36b4
SHA256

230cb1abdfc09d6d0dae131ab2a2201d3a641cdcd6dd86fc588d0bc6026e45a1
SHA512

36beb645107f73b3954774b485007b0392e7aab727befc75d5ab58613c23c2485604523d21c48567c1ee0cd8e11a0f19d5355e33e0f6600f49be3934f213fd38
SSDEEP

3072:CItUdnDLxasGR7z9OZEfRbuQwlAdzDs/L778Ze4pv8GyrDPZ+1CmXSxTgksfu1GV:vUdDFed8ZEZa+I//7J4T2MA3gkJ1GUCd

Score

4^/10

Drops file in Windows directory 1 IoCs

description	ioc	Process
File created	C:\Windows\Tasks\NANDSave.job	f5d6953228c5ea7a808a3d81fae08837.exe

C:\Users\Admin\AppData\Local\Temp\f5d6953228c5ea7a808a3d81fae08837.exe
"C:\Users\Admin\AppData\Local\Temp\f5d6953228c5ea7a808a3d81fae08837.exe"
1⤵
- Drops file in Windows directory
PID:3892

memory/3892-0-0x0000000000550000-0x0000000000551000-memory.dmp

Filesize
4KB

Download
memory/3892-1-0x0000000000560000-0x0000000000561000-memory.dmp

Filesize
4KB

Download
memory/3892-4-0x0000000000580000-0x0000000000581000-memory.dmp

Filesize
4KB

Download
memory/3892-3-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download
memory/3892-2-0x0000000000570000-0x0000000000571000-memory.dmp

Filesize
4KB

Download
memory/3892-5-0x00000000005A0000-0x00000000005C0000-memory.dmp

Filesize
128KB

Download
memory/3892-6-0x0000000000C60000-0x0000000000C8F000-memory.dmp

Filesize
188KB

Download
memory/3892-10-0x00000000005A0000-0x00000000005C0000-memory.dmp

Filesize
128KB

Download
memory/3892-18-0x00000000005A0000-0x00000000005C0000-memory.dmp

Filesize
128KB

Download