Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
submitted: 31/05/2024, 22:25
Static task
static1
1 signatures

Behavioral task
behavioral1
Sample: yeno (1).exe
Resource: win7-20240508-en
4 signatures
150 seconds

Behavioral task
behavioral2
Sample: yeno (1).exe
Resource: win10v2004-20240426-en
4 signatures
150 seconds

General
Target: yeno (1).exe
Size: 1.3MB
MD5: f5671dddb892b300b39e10853cb0ba06
SHA1: 0d68f353e607adc96521ec836102815cef1cd991
SHA256: 3ec095b4f837622e5ee404fbb7168a0ba2fdb0b548f5dc0b3ebe92627234360d
SHA512: a5b2b583cd9565baa27527e45fff569267e3bf09e169b5e7bedd09f5f817fa0aeaf387efd4d902c7a54e11fd83a4f165116c99f69742a371dcb7a1cd2bda4fdc
SSDEEP: 24576:G3CTQQje6KWjFUsTNEDcN20pah5nQsrivkdhWeWr2O8hYzlj1TNp4j7YoqEv0:G3CTQQjxKWjFUsTWDcN20k5nQsrivkdM
Score: 1/10
Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses
1 IoCs
pid   Process
2588  yeno (1).exe

Suspicious use of FindShellTrayWindow
2 IoCs
pid   Process
2588  yeno (1).exe
2588  yeno (1).exe

Suspicious use of SendNotifyMessage
2 IoCs
pid   Process
2588  yeno (1).exe
2588  yeno (1).exe

Suspicious use of SetWindowsHookEx
1 IoCs
pid   Process
2588  yeno (1).exe