73b3d43f1d7940714e19e0f58c55682d46cf7e1c062a95b9327244b9894eddf9

Analysis

max time kernel
85s
max time network
92s
platform
windows11-21h2_x64
resource
win11-20231215-en
resource tags

arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
submitted
25/01/2024, 23:59

Target

Browser/TorBrowser/Tor/PluggableTransports/lyrebird.exe
Size

6.8MB
MD5

6121249b3c39f72d4c192907817a0be6
SHA1

74930451399142c683de127289ba687f1674c11e
SHA256

268432cd0518b24e3de69221fe3d6c3eebc281f1f5a6deb906459c4a08a83842
SHA512

b2c09d0eb4ebce2a687823efd42e286efabb898a7efa15ec6d661b8d285ddd4680dcb385d437c2945986519c13c34b83363500bc0691dad4487b77ed4d41d7f9
SSDEEP

49152:t5psILdrb/TrvO90d7HjmAFd4A64nsfJUKn5D5q0CIqDtrjSwcuS7wTqOrGAyqAM:xHKx5QIOrmaTqOB+0jMIEPGyM

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3960	lyrebird.exe
3960	lyrebird.exe

C:\Users\Admin\AppData\Local\Temp\Browser\TorBrowser\Tor\PluggableTransports\lyrebird.exe
"C:\Users\Admin\AppData\Local\Temp\Browser\TorBrowser\Tor\PluggableTransports\lyrebird.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:3960