dd2ff8ad5f6ebdf65f7581fc99dfd2b2a249769dc40072b628c79c9b837da6e3

Analysis

max time kernel
148s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
12/01/2024, 06:32

Target

55bb575944e1dfe2811b42106d88a852.exe
Size

65KB
MD5

55bb575944e1dfe2811b42106d88a852
SHA1

14e347f1b31f83176c67af67c296e938555fb5e7
SHA256

dd2ff8ad5f6ebdf65f7581fc99dfd2b2a249769dc40072b628c79c9b837da6e3
SHA512

3265c7ff130a787c65178c0805c2248afc789389beadd9f7a11aa8bce398e9990973ee219f91f5589cec3da595a7a70eac5cb2ccf1a727b0c25b9df9a5391399
SSDEEP

768:YfVvcgfxCWLvBlHa4LIushRaDkJ23Gj3TEJdeQaOmb1wkGq6+sQCGVjdrcPK3Qm:8Jx5XaPIDu2WzT6eQa9EwCGdOPK3x

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
1996	Process not Found

Drops file in System32 directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\system32\spool\PRTPROCS\x64\x9317eI1qG.dll	55bb575944e1dfe2811b42106d88a852.exe

C:\Users\Admin\AppData\Local\Temp\55bb575944e1dfe2811b42106d88a852.exe
"C:\Users\Admin\AppData\Local\Temp\55bb575944e1dfe2811b42106d88a852.exe"
1⤵
- Drops file in System32 directory
PID:1708

C:\Windows\System32\spool\prtprocs\x64\x9317eI1qG.dll

Filesize
9KB

MD5
02dc6fa49806b8c742d0938d18fc2681

SHA1
4b42aaa393409059c8e914e90ab59731d01239b7

SHA256
8246a5d094298ccd335cbb60d20795e78822345b0aa284f55be7c550097fce4e

SHA512
1a2375ef793a0e8e3ce7e8a52bd7df630e7fc204a386890c182d6aff646530db6f76ec3fa722005d703122dfed2d30cfab664e1731d16ff1b7dc395fbde51cba

Download Submit
memory/1708-0-0x00000000005E0000-0x00000000005E4000-memory.dmp

Filesize
16KB

Download
memory/1708-4-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download