db680824011298774bda65541c7cf5695941feb492697d9b7e9093ae06732385 | Triage

Analysis

max time kernel
93s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
21/02/2024, 14:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

NMSSaveEditor.exe
Size

15.3MB
MD5

33a4906a51163dc95e078aca483149fc
SHA1

230f669e371b3625c2a390101b2d6bcd4337e083
SHA256

db680824011298774bda65541c7cf5695941feb492697d9b7e9093ae06732385
SHA512

3fe78c2007dc7ce36256a845285c6d3786910a0fc79e534d01355b54cd5b8a6693f5363edae1f46fe4568a4d88796b971eaee586aed7dcf336b3e24fa96ef9bf
SSDEEP

393216:T26z/gqBroRJmBjZrjsTltcDZCuy7h2BfI40+kfM4s168ao:T26MlJmBjZrjCcVvQmfIF+kfzE68ao

Score

1^/10

Malware Config

Signatures

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4248	NMSSaveEditor.exe

C:\Users\Admin\AppData\Local\Temp\NMSSaveEditor.exe
"C:\Users\Admin\AppData\Local\Temp\NMSSaveEditor.exe"
1⤵
- Suspicious use of FindShellTrayWindow
PID:4248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads