84bebbe2cc14519a656dd6ee54e892191872f7122ebf53ef6b2349a5218c11e1

Resubmissions

18-07-2024 07:25

18-07-2024 07:19

17-07-2024 20:55

17-07-2024 19:21

max time kernel
1563s
max time network
1563s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
17-07-2024 19:21

Target

Purge.exe
Size

24KB
MD5

b02916e5c5215ef3ce25269c8d8afbe2
SHA1

7ea2e4eebea27ade84075a5bd47e048297377259
SHA256

b4e9d14e4ea8a1c459805ec46870f12a3e6ea3308864511a3d9c7af9fb841403
SHA512

c84cd98801dbc515f8e800c5fae57158d4167347c2267f1decbf37e98819b2bc1e9439eacec71eaad1c6ece62bf468b21db9cc53e6568cc73499595b1935296e
SSDEEP

384:lMX3iNFRHDy0nxaP/JqiKV+aQlSp591U7qO7o4FQcc4KVOJ5ogxlwAx9sLtsNtt7:qHitm/JqiO+aB5s7qOUvOJ5ogDrCO8tm

Score

1^/10

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

Purge.exe

pid process

1788 Purge.exe

pid	process
1788	Purge.exe

C:\Users\Admin\AppData\Local\Temp\Purge.exe
"C:\Users\Admin\AppData\Local\Temp\Purge.exe"
1⤵
- Suspicious use of FindShellTrayWindow
PID:1788

memory/1788-0-0x00000000742FE000-0x00000000742FF000-memory.dmp

Filesize
4KB

Download
memory/1788-1-0x0000000000D60000-0x0000000000D6C000-memory.dmp

Filesize
48KB

Download
memory/1788-2-0x00000000742F0000-0x00000000749DE000-memory.dmp

Filesize
6.9MB

Download
memory/1788-3-0x00000000742F0000-0x00000000749DE000-memory.dmp

Filesize
6.9MB

Download
memory/1788-4-0x00000000742F0000-0x00000000749DE000-memory.dmp

Filesize
6.9MB

Download
memory/1788-5-0x00000000742FE000-0x00000000742FF000-memory.dmp

Filesize
4KB

Download
memory/1788-6-0x00000000742F0000-0x00000000749DE000-memory.dmp

Filesize
6.9MB

Download