4bdbf8c72c59d5d804c4f3e128f1326a00c7df5822d341988737f5b74ccfefa2

Analysis

max time kernel
38s
max time network
22s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
26-09-2024 22:23

Target

App_Installer.exe
Size

68.1MB
MD5

9ce5da2670c3f3105dccfd2a7a8b8ea8
SHA1

7ea79e80b932fb1d5bb90f8aa2177891fffd11e9
SHA256

4bdbf8c72c59d5d804c4f3e128f1326a00c7df5822d341988737f5b74ccfefa2
SHA512

42d6ad0ca02e37629983b1b8da8caa8f4c5e4c930c67148901001f5888bcd9e198b6dd1ef6682e12f640ca286378fce67707f3bbcb4c019b6edb4ff1f284cd4a
SSDEEP

786432:Ysh10dBsh10dZsh10dCsh10dgsh10dTsh10dPsh10d8sh10d+sh10dFsh10dtshp:dkEksk9k/kGkakPkdkgkwkZk/k1k+k

Score

1^/10

Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

NOTEPAD.EXE

pid process

2812 NOTEPAD.EXE

pid	process
2812	NOTEPAD.EXE

C:\Users\Admin\AppData\Local\Temp\App_Installer.exe
"C:\Users\Admin\AppData\Local\Temp\App_Installer.exe"
1⤵
PID:2108

C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\ur a fucking loser faggot.txt
1⤵
- Suspicious use of FindShellTrayWindow
PID:2812