dd2ff8ad5f6ebdf65f7581fc99dfd2b2a249769dc40072b628c79c9b837da6e3

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
12/01/2024, 06:32

Target

55bb575944e1dfe2811b42106d88a852.exe
Size

65KB
MD5

55bb575944e1dfe2811b42106d88a852
SHA1

14e347f1b31f83176c67af67c296e938555fb5e7
SHA256

dd2ff8ad5f6ebdf65f7581fc99dfd2b2a249769dc40072b628c79c9b837da6e3
SHA512

3265c7ff130a787c65178c0805c2248afc789389beadd9f7a11aa8bce398e9990973ee219f91f5589cec3da595a7a70eac5cb2ccf1a727b0c25b9df9a5391399
SSDEEP

768:YfVvcgfxCWLvBlHa4LIushRaDkJ23Gj3TEJdeQaOmb1wkGq6+sQCGVjdrcPK3Qm:8Jx5XaPIDu2WzT6eQa9EwCGdOPK3x

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
276	Process not Found

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\system32\spool\PRTPROCS\x64\xm7gM1g.dll	55bb575944e1dfe2811b42106d88a852.exe

C:\Users\Admin\AppData\Local\Temp\55bb575944e1dfe2811b42106d88a852.exe
"C:\Users\Admin\AppData\Local\Temp\55bb575944e1dfe2811b42106d88a852.exe"
1⤵
- Drops file in System32 directory
PID:2024

\Windows\System32\spool\prtprocs\x64\xm7gM1g.dll

Filesize
9KB

MD5
02dc6fa49806b8c742d0938d18fc2681

SHA1
4b42aaa393409059c8e914e90ab59731d01239b7

SHA256
8246a5d094298ccd335cbb60d20795e78822345b0aa284f55be7c550097fce4e

SHA512
1a2375ef793a0e8e3ce7e8a52bd7df630e7fc204a386890c182d6aff646530db6f76ec3fa722005d703122dfed2d30cfab664e1731d16ff1b7dc395fbde51cba

Download Submit
memory/2024-0-0x00000000002D0000-0x00000000002D4000-memory.dmp

Filesize
16KB

Download
memory/2024-1-0x0000000077DA0000-0x0000000077DA1000-memory.dmp

Filesize
4KB

Download
memory/2024-5-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download