4867f8d7ec0c500e8abfd7a94d5b0b73e6a0bb9874dfd2de1be56fff73a77c6e

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
31-12-2023 04:50

Target

28de7388a193b4d475beaf91f37df975.exe
Size

91KB
MD5

28de7388a193b4d475beaf91f37df975
SHA1

efa69f32b200cdf8ebe47f15c1706d113191936c
SHA256

4867f8d7ec0c500e8abfd7a94d5b0b73e6a0bb9874dfd2de1be56fff73a77c6e
SHA512

28c29ae4d6572c8bc0e5249caf6f6db80f663d8b0dec5a6ba07553dbca1d01103598074e3f30767be55cc939143b6f908cf4243374b018fd12e27c37991892b7
SSDEEP

1536:qsKNuX1AzbhWhxerXpXp6lUQz0HkVPQUmVRuIKTDQIoaXeIV0i0SdGim3:q3NuCbh8ArZuYqlmLulnXeY06d9m3

Score

5^/10

Drops file in System32 directory 1 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\VLyc8XRI0B2	28de7388a193b4d475beaf91f37df975.exe

Drops file in Windows directory 4 IoCs

description	ioc	Process
File created	C:\Windows\msagent\VLyc8XRI0B2.exe	28de7388a193b4d475beaf91f37df975.exe
File created	C:\Windows\msagent\VLyc8XRI0B2.lo	28de7388a193b4d475beaf91f37df975.exe
File created	C:\Windows\VLyc8XRI0B2.ico	28de7388a193b4d475beaf91f37df975.exe
File opened for modification	C:\Windows\VLY.log	28de7388a193b4d475beaf91f37df975.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
880	28de7388a193b4d475beaf91f37df975.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ä«Áö³ë¹ÙÄ«¶ó Çö±Ý½Ç½Ã°£.url

Filesize
130B

MD5
fdcd2171ce57531cacdcdfb052f99593

SHA1
de9870775f6eec4cc931710446b58823783af290

SHA256
1e4c2b135bee5a40741fbeaa994019c3bf06b95149825345f54e23a77ab262ec

SHA512
504c029ebda9168bfc39ac6ca64c15af072f0046a327543ab830268627520d0d1c560fe7415035771bfe59aed1adac5748e8f1dbaeae9e63ccb9e0aa1ebcec21

Download Submit
memory/880-0-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download
memory/880-10-0x0000000000400000-0x0000000000418000-memory.dmp

Filesize
96KB

Download