0e6dc61eef774aaaf2688f2d1052089d0740c9e9d80cc9d877b1b6cb6b94a68c | Triage

Analysis

max time kernel
139s
max time network
161s
platform
windows11-21h2_x64
resource
win11-20241007-en
resource tags

arch:x64arch:x86image:win11-20241007-enlocale:en-usos:windows11-21h2-x64system
submitted
29-01-2025 15:17

Sharing

Report Analysis Logs

General

Target

ispell/profiles/Services/prl_tools.exe
Size

204KB
MD5

2b28a796b5c196978a45ce79911a3b88
SHA1

cdc4378ac4b29708332067edd5f35edaeabdbef9
SHA256

b6f2735c0e2bc082e2c4e0746b78824fe7ca1ae1c819ed1cd8920012905aded2
SHA512

09aee7f2a983c463f0c7c02697409114d7c5abd4189265abd066ff901cc44f1c1a239dd4aad8e9703805206c6cee26838378e1db35b1df30f87b007d2d3cb2c3
SSDEEP

6144:U5iBH0XZRnFVHwItjNz5ZD7S8jALAel9l0Uj:U5S0XTFVQyjNz5c8jALAobj

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	\??\c:\windows\Logs\parallels.log	prl_tools.exe

C:\Users\Admin\AppData\Local\Temp\ispell\profiles\Services\prl_tools.exe
"C:\Users\Admin\AppData\Local\Temp\ispell\profiles\Services\prl_tools.exe"
1⤵
- Drops file in Windows directory
PID:3660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads