9d83a9a86331ecdde350734646f0927a4379d55372d3b6c45fc9ad60a182d903

Analysis

max time kernel
141s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
02-02-2024 16:23

Target

89fb027f0a56d1024650be6c702d4366.exe
Size

61KB
MD5

89fb027f0a56d1024650be6c702d4366
SHA1

f55f1b2e64880569ab45426f1cadc77319a4bb0d
SHA256

9d83a9a86331ecdde350734646f0927a4379d55372d3b6c45fc9ad60a182d903
SHA512

d2bb615b6174c6cf4eae4c1653f037d30d1507800c37e3a448fba2f5a023bf592382ef3070ac610c0c22530c831aafa1d1c6c68afec75946ee7f33295137e686
SSDEEP

1536:eJqam1svMrUVI1NR6nXHjk1eaDrErx1xFaRJF:ym1sTWNR6nzkPrErx1xARJF

Score

7^/10

Loads dropped DLL 1 IoCs

pid	Process
1648	89fb027f0a56d1024650be6c702d4366.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\comsa32.sys	89fb027f0a56d1024650be6c702d4366.exe
File created	C:\Windows\SysWOW64\comsa32.sys	89fb027f0a56d1024650be6c702d4366.exe

Suspicious behavior: EnumeratesProcesses 16 IoCs

C:\Users\Admin\AppData\Local\Temp\mta62736.dll

Filesize
1.6MB

MD5
e0e12856ca90be7f5ab8dfc0f0313078

SHA1
cc5accf48b8e6c2fd39d1f800229cdbb54305518

SHA256
81ec3e3c98e5f0af0dca21b9f08f2be445b46df2ca2354eaf3523bddcb125619

SHA512
162c56367dca2291117f2391951970273969518b0db2bbc5d51c458173a8028c88d9dfd93aef01ed05b369f953e2953cc6be252daeb17556dbc33e5383900fa6

Download Submit
memory/1648-6-0x0000000000400000-0x0000000000415000-memory.dmp

Filesize
84KB

Download
memory/1648-11-0x0000000000400000-0x0000000000415000-memory.dmp

Filesize
84KB

Download
memory/1648-13-0x0000000000400000-0x0000000000415000-memory.dmp

Filesize
84KB

Download
memory/1648-16-0x0000000000400000-0x0000000000415000-memory.dmp

Filesize
84KB

Download
memory/1648-18-0x0000000000400000-0x0000000000415000-memory.dmp

Filesize
84KB

Download
memory/1648-19-0x0000000000400000-0x0000000000415000-memory.dmp

Filesize
84KB

Download