Cuckoo Sandbox

Name	53997ac8a46f745d_fohbyc.exe Download Submit file
Filepath	C:\Users\Administrator\AppData\Roaming\Microsoft\fohbyc.exe
Size	73.5KB
Processes	2728 (c2af3cb8b1d5a4e8c9ae3a431f414175f8909d69b9ce564c59a66a90a6a002fb.exe)
Type	PE32 executable (GUI) Intel 80386, for MS Windows
MD5	`77cfc2a42d1c861193961037df405a4d`
SHA1	`26c55615ab3a01f2feb2a74e413ba90a488dd860`
SHA256	`53997ac8a46f745dcdecab9f423a6ea0ffd9cd1e657f47ead8df7cb5c78a7e5e`
CRC32	`BB9AD748`
ssdeep	`None`
Yara	Gandcrab - Gandcrab Payload CrowdStrike_CSIT_18151_01 - This rule detects GandCrab ransomware once it is in an unpacked state. network_http - Communications over HTTP win_mutex - Create or check mutex win_registry - Affect system registries win_files_operation - Affect private profile
VirusTotal	Search for analysis

Dropped Files