e6dce661b7d957bb8a039237b6dd91e408305e15b640cb18389da8f19a589b2a

Analysis

max time kernel
117s
max time network
131s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
29-12-2023 19:43

Target

021cf19e64d47284ba98b3cdb9492d02.exe
Size

1.9MB
MD5

021cf19e64d47284ba98b3cdb9492d02
SHA1

9514ac8ab315de4fa6f9538b51fd0866915823c6
SHA256

e6dce661b7d957bb8a039237b6dd91e408305e15b640cb18389da8f19a589b2a
SHA512

995babf949dc0b6a283a048d6e00b5da6acbcc8f3a7d4e1b0acc5667948b6526f7ffcc29b14ba481bb7c9dca253bac41e28b0fae3dbc01eb19cacfe7bb9bf1ec
SSDEEP

24576:PqbFR9A7aCrso+kRW6EVWYXXQn6fGp8QjCU7JT8W74AeslLHAVoiznambF3oT6T7:SbPF+CU7f4nstAVhLjtouTHjaMl

Score

1^/10

Modifies registry class 11 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\shell\open	021cf19e64d47284ba98b3cdb9492d02.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\DefaultIcon	021cf19e64d47284ba98b3cdb9492d02.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.swf	021cf19e64d47284ba98b3cdb9492d02.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.swf\ = "ShockwaveFlash.ShockwaveFlash"	021cf19e64d47284ba98b3cdb9492d02.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.spl	021cf19e64d47284ba98b3cdb9492d02.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.spl\ = "ShockwaveFlash.ShockwaveFlash"	021cf19e64d47284ba98b3cdb9492d02.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\shell\open\command	021cf19e64d47284ba98b3cdb9492d02.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash	021cf19e64d47284ba98b3cdb9492d02.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\shell	021cf19e64d47284ba98b3cdb9492d02.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\shell\open\command\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\021cf19e64d47284ba98b3cdb9492d02.exe %1"	021cf19e64d47284ba98b3cdb9492d02.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\ShockwaveFlash.ShockwaveFlash\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\021cf19e64d47284ba98b3cdb9492d02.exe,1"	021cf19e64d47284ba98b3cdb9492d02.exe

C:\Users\Admin\AppData\Local\Temp\021cf19e64d47284ba98b3cdb9492d02.exe
"C:\Users\Admin\AppData\Local\Temp\021cf19e64d47284ba98b3cdb9492d02.exe"
1⤵
- Modifies registry class
PID:2172