Analysis
max time kernel: 147s
max time network: 150s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13-06-2024 00:52
Behavioral task: behavioral1
Sample: a33cf0c24ce2d4c142e7100c833c8711_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a33cf0c24ce2d4c142e7100c833c8711_JaffaCakes118.pdf
Resource: win10v2004-20240508-en
General
Target: a33cf0c24ce2d4c142e7100c833c8711_JaffaCakes118.pdf
Size: 45KB
MD5: a33cf0c24ce2d4c142e7100c833c8711
SHA1: 8fe579b4db12dccd4031c5e7d44e07c4ba87fef0
SHA256: 619db1dee8b1cd5294b60b96eb18f6e933d7ef8db30e51cbedd8429347eeb654
SHA512: 75ab63f75856e048c824393ceab9962acdd352688330f225471997f391af2f1bf97c5eda3d5f512124620a1a7ef3f01a521988357eb194bf8676af230cc792c6
SSDEEP: 768:2gGzpDBpQkM27XhaO2ENo+YSl+9wmrp5+l7dDlxMRwU34N4NbMsBVk4B:jGFNpLXgrrp54xDk3BNzBVk4B
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes: AcroRd32.exe
description | ioc | process
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | AcroRd32.exe
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | AcroRd32.exe
-
Modifies Internet Explorer settings
Processes: AcroRd32.exe
description | ioc | process
Key created | \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION | AcroRd32.exe
-
Suspicious use of FindShellTrayWindow 1 IoCs
Processes: AcroRd32.exe
pid | process
4968 | AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 6 IoCs
Processes: AcroRd32.exe
pid | process
4968 | AcroRd32.exe
-
Suspicious use of WriteProcessMemory 64 IoCs
Processes: AcroRd32.exe, RdrCEF.exe
description | pid | process | target process
PID 4968 wrote to memory of 3064 | 4968 | AcroRd32.exe | RdrCEF.exe
PID 3064 wrote to memory of 892 | 3064 | RdrCEF.exe | RdrCEF.exe
PID 3064 wrote to memory of 3276 | 3064 | RdrCEF.exe | RdrCEF.exe
Processes
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a33cf0c24ce2d4c142e7100c833c8711_JaffaCakes118.pdf"
Tree depth: 1
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4968
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043
Tree depth: 2
- Suspicious use of WriteProcessMemory
PID:3064
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=194D154EAFBD18A79169364832C9E659 --mojo-platform-channel-handle=1740 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
Tree depth: 3
PID:892
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=AC5C947079850031B43BB5ECED0E4317 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=AC5C947079850031B43BB5ECED0E4317 --renderer-client-id=2 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job /prefetch:1
Tree depth: 3
PID:3276
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=EF43B10B0DFA4F72ED4E992E22D476A9 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=EF43B10B0DFA4F72ED4E992E22D476A9 --renderer-client-id=4 --mojo-platform-channel-handle=2184 --allow-no-sandbox-job /prefetch:1
Tree depth: 3
PID:1164
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=AE34F0B1ED6B112FE2E4532F2A975360 --mojo-platform-channel-handle=2564 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
Tree depth: 3
PID:3448
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=C84B8947831AE930E0A61854FD97E6A6 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=C84B8947831AE930E0A61854FD97E6A6 --renderer-client-id=6 --mojo-platform-channel-handle=2596 --allow-no-sandbox-job /prefetch:1
Tree depth: 3
PID:2972
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=431BF3BAE0B8CAE5779BF95890775949 --mojo-platform-channel-handle=2948 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
Tree depth: 3
PID:1492
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=ED5A76046C2D72F3BD77E19460EE8594 --mojo-platform-channel-handle=3080 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2
Tree depth: 3
PID:3084
-
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
Tree depth: 1
PID:3396
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize: 64KB
MD5: d00718b333111a32e89f105d2c7c12c2
SHA1: 6888d57d9cbbb7b524eaf7542edc91cb0d3b8e9e
SHA256: 91de7d9ee84f8c89b55d9d4f8e460e0463e91c415986c355c76fe4fa045a9dc5
SHA512: 12e8003435dd475e8969e129817743c0c7a849d847e03a14d23ee9afae34eff38046697ae1475e09a41374eaac7537642cde0d0780de658322538f4cb83959ef