Register Login

sloganpng

top title background image

PRTService.exe

Status: finished

Submission Time: 2021-07-22 12:04:09 +02:00

Suspicious

Evader

Comments

Tags

Details

Analysis ID:
452460
API (Web) ID:
820049
Analysis Started:

2021-07-22 12:04:10 +02:00
Analysis Finished:

2021-07-22 12:08:59 +02:00
MD5:
4a838989da416e3d16c520d03c3ba192
SHA1:
f2fb096d74527a06c5b5c2975fd438419ec171b6
SHA256:
26c2caf1eb317e9354cec8a92e824a495ce7d253f6d1779226138e6994553cf9
Technologies:

Engines
IOCs

Joe Sandbox

Engine	Download Report	Detection	Info
	Full Report Management Report IOC Report	suspicious Score: 26	System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Dropped files

Name	File Type	Hashes	Detection
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_prtservice.exe_9a52ed83f9a038e8d5d8a8b157025a4bf964059_00000000_170c17b5\Report.wer	Little-endian UTF-16 Unicode text, with CRLF line terminators	#
C:\ProgramData\Microsoft\Windows\WER\Temp\WERDC2.tmp.WERInternalMetadata.xml	XML 1.0 document, Little-endian UTF-16 Unicode text, with CRLF line terminators	#
C:\ProgramData\Microsoft\Windows\WER\Temp\WERE60.tmp.xml	XML 1.0 document, ASCII text, with CRLF line terminators	#
Click to see the 1 hidden entries
C:\Users\user\AppData\Local\Temp\1d7a2c72-3aee-4299-91f8-2280595a512b\AgileDotNetRT.dll	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows	#