57e3f6b5e688d68c3b32f1d6055c65d52e993301f55ea595543ae905d219b4bb

Analysis

max time kernel
2s
max time network
5s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
13-10-2024 03:00

Target

val_chv2.exe
Size

6.7MB
MD5

b4e97e8f73d0e27a875336f50565ef53
SHA1

1206e612ff71a82d168f9f2ae9289b49d8d1dbc5
SHA256

57e3f6b5e688d68c3b32f1d6055c65d52e993301f55ea595543ae905d219b4bb
SHA512

a13628b96fd8ef9d478c15bcb6e1676aff6d6c6e5e6fbfc1819f3122414a7c51872af24901fc1f0db1549ab7111e4d94758ac5fef20756530b621824cb9aba64
SSDEEP

196608:Nmwtf0V4t5HL6IwTUrpgjz6vYdZ8cq6k9eqDy9:80f0V4t5r6fUr6jzsYdZE6as

Score

1^/10

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
5056	val_chv2.exe
5056	val_chv2.exe

C:\Users\Admin\AppData\Local\Temp\val_chv2.exe
"C:\Users\Admin\AppData\Local\Temp\val_chv2.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:5056

memory/5056-0-0x00007FF67B1F9000-0x00007FF67B5A3000-memory.dmp

Filesize
3.7MB

Download
memory/5056-1-0x00007FFA14170000-0x00007FFA14172000-memory.dmp

Filesize
8KB

Download
memory/5056-6-0x00007FF67B070000-0x00007FF67BC63000-memory.dmp

Filesize
11.9MB

Download
memory/5056-3-0x00007FF67B070000-0x00007FF67BC63000-memory.dmp

Filesize
11.9MB

Download
memory/5056-7-0x00007FF67B070000-0x00007FF67BC63000-memory.dmp

Filesize
11.9MB

Download
memory/5056-8-0x00007FF67B070000-0x00007FF67BC63000-memory.dmp

Filesize
11.9MB

Download
memory/5056-10-0x00007FF67B070000-0x00007FF67BC63000-memory.dmp

Filesize
11.9MB

Download
memory/5056-9-0x00007FF67B1F9000-0x00007FF67B5A3000-memory.dmp

Filesize
3.7MB

Download