6067a3aee3db2a554bf760beafd0795f2ae5a6febe431b23de4df7fb5b7f5b2e

Analysis

max time kernel
149s
max time network
161s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
28/12/2023, 20:52

Target

f762a150b70cef908a0f411e2d8f817c.exe
Size

190KB
MD5

f762a150b70cef908a0f411e2d8f817c
SHA1

0caa43162b5fdfc2e62e93457cc602b5bba7dfc6
SHA256

6067a3aee3db2a554bf760beafd0795f2ae5a6febe431b23de4df7fb5b7f5b2e
SHA512

9b2a3828e79cd1868973bfdda10c0b93bb7ac4fbcb8e99605ecff2f49fea140e2cff950bac6c5ea5d570feec8cf1daca096afb198d4c65bcf9716c1e94ac9add
SSDEEP

3072:JqdFy78eBqpxcsRjMNlazKEoEjWiovE5ZOnMp9QqhRI+k+q1WhK99:EdWAp+QyiSE5ZOnMp9phRXe4

Score

8^/10

Drops file in Drivers directory 2 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\drivers\svchost.exe	f762a150b70cef908a0f411e2d8f817c.exe
File opened for modification	C:\Windows\SysWOW64\drivers\svchost.exe	f762a150b70cef908a0f411e2d8f817c.exe

Executes dropped EXE 1 IoCs

pid	Process
4992	svchost.exe

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\sLT.exf	svchost.exe

C:\Users\Admin\AppData\Local\Temp\f762a150b70cef908a0f411e2d8f817c.exe
"C:\Users\Admin\AppData\Local\Temp\f762a150b70cef908a0f411e2d8f817c.exe"
1⤵
- Drops file in Drivers directory
PID:4016

C:\Windows\SysWOW64\drivers\svchost.exe

Filesize
190KB

MD5
f762a150b70cef908a0f411e2d8f817c

SHA1
0caa43162b5fdfc2e62e93457cc602b5bba7dfc6

SHA256
6067a3aee3db2a554bf760beafd0795f2ae5a6febe431b23de4df7fb5b7f5b2e

SHA512
9b2a3828e79cd1868973bfdda10c0b93bb7ac4fbcb8e99605ecff2f49fea140e2cff950bac6c5ea5d570feec8cf1daca096afb198d4c65bcf9716c1e94ac9add

Download Submit
memory/4016-4-0x0000000000400000-0x0000000000436000-memory.dmp

Filesize
216KB

Download
memory/4992-5-0x0000000000400000-0x0000000000436000-memory.dmp

Filesize
216KB

Download