e78cf9f4e5d2c365aa2f0aff3b92b7e6a5c8da8a1bd03c5d3decdfdb19919301

Resubmissions

03/10/2024, 00:04

03/10/2024, 00:02

max time kernel
41s
max time network
36s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
03/10/2024, 00:04

Target

RealTurb CAT Areas Global for MSFS.zip
Size

17.1MB
MD5

cbae51d4ea469664372b556397f37316
SHA1

72876f11068192a2e5f052083e873d7f9a047802
SHA256

e78cf9f4e5d2c365aa2f0aff3b92b7e6a5c8da8a1bd03c5d3decdfdb19919301
SHA512

afa03b089f36db39a280299bdf63d789fd40a33ea7528434c02f4bb858f3fb31ddb777dc86e9e9c3593e4ef6779272121d102e9671f3c1278cba14842535c5e8
SSDEEP

393216:qHokn2n1ajABA+5F93DD8gtHixKviqz61BFKe7u2/fSAQvP2Vi:6O5LX9OKviaOK2dfSHveM

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
3288	RealTurb CAT Areas Global for MSFS.exe
3288	RealTurb CAT Areas Global for MSFS.exe

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
3288	RealTurb CAT Areas Global for MSFS.exe
3288	RealTurb CAT Areas Global for MSFS.exe

Suspicious use of SendNotifyMessage 2 IoCs

pid	Process
3288	RealTurb CAT Areas Global for MSFS.exe
3288	RealTurb CAT Areas Global for MSFS.exe

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,"C:\Users\Admin\AppData\Local\Temp\RealTurb CAT Areas Global for MSFS.zip"
1⤵
PID:548

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:1080