54bf2883b329c32297fb23b00c09a239bfa5150af8a1198c02fe19ffbb5bfe0f

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
29/04/2024, 08:49

Target

A-5646490141215903.exe
Size

672KB
MD5

0041ede7acf4d25bb4e652dfc8f2fa47
SHA1

2d81606faa064f612650cde95a4f5c3dc9478cc3
SHA256

bb99c9cfa2d3772cc0955b710be0831038e1307da96426e044565964223513fb
SHA512

ecb4734e0efca6e0f44f88c231be0f4031e59ec347f41ade2e4b0c28a23a5f589955d799c2362d9a9c953143b1d500eeceff12ec7489d4a72e8064dc271411e6
SSDEEP

12288:pXlx4HF04aNmCnhdPBSv2ZoEvzC5Q2RqJ45PpBHN9XTKlN+6Sl0o3K5qmnHR:p1x4PQPBSe/G3W49DrXel86SVaJH

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2792	A-5646490141215903.exe
2792	A-5646490141215903.exe

C:\Users\Admin\AppData\Local\Temp\A-5646490141215903.exe
"C:\Users\Admin\AppData\Local\Temp\A-5646490141215903.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2792

memory/2792-4-0x0000000000400000-0x00000000004AA000-memory.dmp

Filesize
680KB

Download
memory/2792-3-0x0000000000600000-0x0000000000601000-memory.dmp

Filesize
4KB

Download
memory/2792-2-0x00000000005F0000-0x00000000005F1000-memory.dmp

Filesize
4KB

Download
memory/2792-1-0x0000000000400000-0x00000000004AA000-memory.dmp

Filesize
680KB

Download
memory/2792-0-0x0000000000400000-0x00000000004AA000-memory.dmp

Filesize
680KB

Download
memory/2792-5-0x0000000000400000-0x00000000004AA000-memory.dmp

Filesize
680KB

Download
memory/2792-6-0x0000000000400000-0x00000000004AA000-memory.dmp

Filesize
680KB

Download
memory/2792-7-0x0000000000400000-0x00000000004AA000-memory.dmp

Filesize
680KB

Download