ENTRY POINT COMPLETE
ANDRE: a1bab5c7-166a-466d-9226-e37d9eb3c369

vmtoolsd.exe (PID: 10012)

created c:\users\ieuser\appdata\local\temp\vmware-ieuser\vmwarednd\528df9d8\kyrazon setup - v1.0.8.rar

8/2/2024, 7:19:29 AM

explorer.exe (PID: 6048)

read c:\users\ieuser\appdata\local\temp\vmware-ieuser\vmwarednd\528df9d8\kyrazon setup - v1.0.8.rar

8/2/2024, 7:19:31 AM

explorer.exe (PID: 6048)

created c:\users\ieuser\desktop\kyrazon setup - v1.0.8.rar

8/2/2024, 7:19:31 AM

winrar.exe (PID: 10384)

read c:\users\ieuser\desktop\kyrazon setup - v1.0.8.rar

8/2/2024, 7:19:38 AM

winrar.exe (PID: 10384)

created c:\users\ieuser\appdata\local\temp\rar$drb10384.48796\kyrazon setup.exe

8/2/2024, 7:19:50 AM

explorer.exe (PID: 6048)

renamed c:\users\ieuser\appdata\local\temp\rar$drb10384.48796\kyrazon setup.exe to c:\users\ieuser\desktop\kyrazon setup.exe

8/2/2024, 7:19:53 AM