1e4d629630010de9d5ce2c48b1462a15eba3c8eb3ea152e56d42b3a58e50e37c

Analysis

max time kernel
22s
max time network
5s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
06-08-2024 21:40

Target

X-Aviation/xaLicenseGenerator.exe
Size

450KB
MD5

cd2232f1411d3a55f9158e21b63dbeac
SHA1

0e285052043c2a998ae40f2176c80bdc98d94adb
SHA256

dc8bcf028b4205b6fd3ac10704b6b931fe94cab8c7c429347b7a97f66be75679
SHA512

fa84c114d1fb78efa2544b4f99e9d189af8be3c396195de448bbec16566a7d2576b74a4cb8d18579b071b906d9d2d4cf0ddb95b8e9eb45f385a86731ac4508e2
SSDEEP

6144:NMdgP9yxdzl1KD8fc7uMwvFPc6m+o36gj+L:NMdA9mzWwfcSM4xk5

Score

1^/10

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2112	xaLicenseGenerator.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2112	xaLicenseGenerator.exe

memory/2112-0-0x0000000000920000-0x0000000000996000-memory.dmp

Filesize
472KB

Download
memory/2112-1-0x00007FFCEE413000-0x00007FFCEE415000-memory.dmp

Filesize
8KB

Download
memory/2112-2-0x0000000002A60000-0x0000000002B1C000-memory.dmp

Filesize
752KB

Download
memory/2112-3-0x0000000001240000-0x0000000001246000-memory.dmp

Filesize
24KB

Download
memory/2112-4-0x00007FFCEE410000-0x00007FFCEEED1000-memory.dmp

Filesize
10.8MB

Download
memory/2112-6-0x00007FFCEE413000-0x00007FFCEE415000-memory.dmp

Filesize
8KB

Download
memory/2112-8-0x00007FFCEE410000-0x00007FFCEEED1000-memory.dmp

Filesize
10.8MB

Download