6bfb6cfb88c566ec69058f70170b8c143134cef215de859eda6e9e9fd1e5c521

Resubmissions

29/04/2024, 15:20

max time kernel
1756s
max time network
1160s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
29/04/2024, 15:20

Target

nahnhh/nowaijajaj2.exe
Size

307KB
MD5

5345db4c89b3e725249b9fbd89e976c8
SHA1

30ba6d3cbba0de70b5abd4e302b226b6161b056f
SHA256

eb299eba161bcfc9acdfac14144b09e1af173999d2afc492db6472f9f7f81a8a
SHA512

98dbca3371dad5285e98bf8ec85f4503dfb22f4e0d4f0252cb69bf21d0e6ed675a6a52157cb18b5327e80a241b37f39bcc9d9a1116c43d02f56a91475090e0f5
SSDEEP

6144:fH+ukuXqDw1hSXP0xaNle8zsfhZIKFKN8pmU:B7G5Pe8zsFg84U

Score

1^/10

Suspicious use of FindShellTrayWindow 58 IoCs

C:\Users\Admin\AppData\Local\Temp\nahnhh\nowaijajaj2.exe
"C:\Users\Admin\AppData\Local\Temp\nahnhh\nowaijajaj2.exe"
1⤵
- Suspicious use of FindShellTrayWindow
PID:1060

memory/1060-0-0x0000000000BA0000-0x0000000000BF2000-memory.dmp

Filesize
328KB

Download
memory/1060-2-0x000000001B940000-0x000000001B950000-memory.dmp

Filesize
64KB

Download
memory/1060-1-0x00007FFAA29F0000-0x00007FFAA34B1000-memory.dmp

Filesize
10.8MB

Download
memory/1060-3-0x000000001B940000-0x000000001B950000-memory.dmp

Filesize
64KB

Download
memory/1060-4-0x00007FFAA29F0000-0x00007FFAA34B1000-memory.dmp

Filesize
10.8MB

Download
memory/1060-5-0x000000001B940000-0x000000001B950000-memory.dmp

Filesize
64KB

Download
memory/1060-6-0x000000001B940000-0x000000001B950000-memory.dmp

Filesize
64KB

Download
memory/1060-7-0x000000001B940000-0x000000001B950000-memory.dmp

Filesize
64KB

Download
memory/1060-8-0x000000001B940000-0x000000001B950000-memory.dmp

Filesize
64KB

Download