875a066b3c23dbb61b34a7418989c80ba75594516ba82af86e1233c88df901c1

Analysis

max time kernel
139s
max time network
122s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
17-05-2024 00:55

Target

875a066b3c23dbb61b34a7418989c80ba75594516ba82af86e1233c88df901c1.exe
Size

74KB
MD5

581dd3542e87aadd87f59caa7b063d81
SHA1

9dd4d665bfaf64e04822aa4e18e60464782a1ec7
SHA256

875a066b3c23dbb61b34a7418989c80ba75594516ba82af86e1233c88df901c1
SHA512

671075a0aa62cca706030c77e1f4b03e9e78d6538f9af2b6e0588157a057510d51861eb15d1d9dfa52801222e97c4e714ff2499071569a9df6889c0047df626e
SSDEEP

1536:1l52iwhqb1tqObPvZkcUbSpx7/wteyNj4:P0PhqZ/TvZtYSXceKk

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
4028	akgoobib.exe

Drops file in System32 directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\SysWOW64\akgoobib.exe	875a066b3c23dbb61b34a7418989c80ba75594516ba82af86e1233c88df901c1.exe
File created	C:\Windows\SysWOW64\akgoobib.exe	875a066b3c23dbb61b34a7418989c80ba75594516ba82af86e1233c88df901c1.exe

C:\Users\Admin\AppData\Local\Temp\875a066b3c23dbb61b34a7418989c80ba75594516ba82af86e1233c88df901c1.exe
"C:\Users\Admin\AppData\Local\Temp\875a066b3c23dbb61b34a7418989c80ba75594516ba82af86e1233c88df901c1.exe"
1⤵
- Drops file in System32 directory
PID:1476
- C:\Windows\SysWOW64\akgoobib.exe
  "C:\Windows\SysWOW64\akgoobib.exe"
  2⤵
  - Executes dropped EXE
  PID:4028

C:\Windows\SysWOW64\akgoobib.exe

Filesize
71KB

MD5
f1bd924a843fd570cb08e795c7e5110a

SHA1
1f651624281580a3756071041fbd20ba16cc8bcb

SHA256
6d84839b668cd4f90cb44d0150fa7d67818228f660cc9c033471bde736d23418

SHA512
5ca425aed10eaa4c6bf5af64eddc7dfe6de708f807766d63344957977d73c59aeba179400497a7519a03b36e19c7d279bba5ba251a9c33c53f70b8d20e2930d7

Download Submit
memory/1476-2-0x0000000077D32000-0x0000000077D33000-memory.dmp

Filesize
4KB

Download
memory/1476-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download