Analysis Overview
SHA256
0c09d626762969426c58e715e6f44aa782f4edeeae4b436e7246fa3dc3713ba4
Threat Level: Shows suspicious behavior
The file 0f0cdc23_.exe was found to be: Shows suspicious behavior.
Malicious Activity Summary
Deletes itself
Executes dropped EXE
Enumerates processes with tasklist
Drops file in Windows directory
Enumerates physical storage devices
System Location Discovery: System Language Discovery
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V16
Analysis: static1
Detonation Overview
Reported
2025-07-04 19:18
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:19
Platform
win11-20250619-en
Max time kernel
10s
Max time network
8s
Command Line
Signatures
Deletes itself
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
Enumerates processes with tasklist
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| N/A | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\MontanaHard | C:\Users\Admin\AppData\Local\Temp\0f0cdc23_.exe | N/A |
| File opened for modification | C:\Windows\HoseMartial | C:\Users\Admin\AppData\Local\Temp\0f0cdc23_.exe | N/A |
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\extrac32.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\choice.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Local\Temp\0f0cdc23_.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\cmd.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\tasklist.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\tasklist.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\findstr.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious use of AdjustPrivilegeToken
| Description | Indicator | Process | Target |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
| Token: SeDebugPrivilege | N/A | C:\Windows\SysWOW64\tasklist.exe | N/A |
Suspicious use of FindShellTrayWindow
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
Suspicious use of SendNotifyMessage
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\0f0cdc23_.exe
"C:\Users\Admin\AppData\Local\Temp\0f0cdc23_.exe"
C:\Windows\SysWOW64\cmd.exe
"C:\Windows\system32\cmd.exe" /c copy Volt.jpg Volt.jpg.bat & Volt.jpg.bat
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr /I "opssvc wrsa"
C:\Windows\SysWOW64\tasklist.exe
tasklist
C:\Windows\SysWOW64\findstr.exe
findstr "nsWscSvc ekrn bdservicehost SophosHealth AvastUI AVGUI & if not errorlevel 1 Set WTWeCJRHnQjpWResuXaRjuzPxbYFNhbkAGH=AutoIt3.exe & Set KUauBpAncgceSqQjbhWnLryvbslsLXOSEy=.a3x & Set EvvvqBcYMSRiiQYlWBlnWuKasDttNcuTzgk=300
C:\Windows\SysWOW64\extrac32.exe
extrac32 /Y Actions.jpg *.*
C:\Windows\SysWOW64\findstr.exe
findstr /V "Judge" Pins
C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com
Smooth.com i
C:\Windows\SysWOW64\choice.exe
choice /d n /t 5
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | GuGOlgXATybrzjKHxlew.GuGOlgXATybrzjKHxlew | udp |
Files
C:\Users\Admin\AppData\Local\Temp\Volt.jpg
C:\Users\Admin\AppData\Local\Temp\Actions.jpg
C:\Users\Admin\AppData\Local\Temp\Pins
C:\Users\Admin\AppData\Local\Temp\Worldsex
C:\Users\Admin\AppData\Local\Temp\Harold
C:\Users\Admin\AppData\Local\Temp\Agent
C:\Users\Admin\AppData\Local\Temp\Portuguese
C:\Users\Admin\AppData\Local\Temp\References
C:\Users\Admin\AppData\Local\Temp\Pour
C:\Users\Admin\AppData\Local\Temp\Concluded
C:\Users\Admin\AppData\Local\Temp\Expanded
C:\Users\Admin\AppData\Local\Temp\Feature
C:\Users\Admin\AppData\Local\Temp\Pipes
C:\Users\Admin\AppData\Local\Temp\Almost.jpg
C:\Users\Admin\AppData\Local\Temp\Up.jpg
C:\Users\Admin\AppData\Local\Temp\Printers.jpg
C:\Users\Admin\AppData\Local\Temp\Sticks.jpg
C:\Users\Admin\AppData\Local\Temp\Established.jpg
C:\Users\Admin\AppData\Local\Temp\Brochures.jpg
C:\Users\Admin\AppData\Local\Temp\Looks.jpg
C:\Users\Admin\AppData\Local\Temp\432811\Smooth.com
C:\Users\Admin\AppData\Local\Temp\432811\i
Analysis: behavioral12
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250619-en
Max time kernel
101s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Pour
Network
Files
Analysis: behavioral15
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:18
Platform
win11-20250610-en
Max time kernel
0s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral10
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250619-en
Max time kernel
101s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Pipes
Network
Files
Analysis: behavioral14
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250610-en
Max time kernel
101s
Max time network
102s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Worldsex
Network
Files
Analysis: behavioral17
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:18
Platform
win11-20250619-en
Max time kernel
0s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:18
Platform
win11-20250619-en
Max time kernel
0s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250502-en
Max time kernel
103s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\NatWater\Actions.cab
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250610-en
Max time kernel
102s
Max time network
105s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Agent
Network
Files
Analysis: behavioral6
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250619-en
Max time kernel
101s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Expanded
Network
Files
Analysis: behavioral7
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250619-en
Max time kernel
101s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Feature
Network
Files
Analysis: behavioral9
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250619-en
Max time kernel
101s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Pins
Network
Files
Analysis: behavioral13
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250502-en
Max time kernel
101s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\References
Network
Files
Analysis: behavioral18
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:18
Platform
win11-20250619-en
Max time kernel
0s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral5
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250610-en
Max time kernel
100s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Concluded
Network
Files
Analysis: behavioral8
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250619-en
Max time kernel
101s
Max time network
104s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Harold
Network
Files
Analysis: behavioral11
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:21
Platform
win11-20250610-en
Max time kernel
40s
Max time network
153s
Command Line
Signatures
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Portuguese
Network
Files
Analysis: behavioral16
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:18
Platform
win11-20250619-en
Max time kernel
0s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral19
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:18
Platform
win11-20250619-en
Max time kernel
0s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral20
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:18
Platform
win11-20250619-en
Max time kernel
0s
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral21
Detonation Overview
Submitted
2025-07-04 19:18
Reported
2025-07-04 19:18
Platform
win11-20250502-en
Max time kernel
0s