26dbd883a0c9f40e4720d18237296033aa752ac42e2797748a18c3f74f403a56

Analysis

max time kernel
144s
max time network
180s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
01/10/2022, 22:58

Target

26dbd883a0c9f40e4720d18237296033aa752ac42e2797748a18c3f74f403a56.exe
Size

58KB
MD5

6f33427772af505035e62b0c3ab979d0
SHA1

0c91dbc40f56ed6e04f424cf5b3c1ab2e29f2db5
SHA256

26dbd883a0c9f40e4720d18237296033aa752ac42e2797748a18c3f74f403a56
SHA512

26ec13b8ea577c51a0474419388a1688ab6e7d7dc787f5356fb406b4ff4702b4896ddbe715c7ae7d96266bf3aba104663d1d6ef9a7772e50b93d0d3b81a6d273
SSDEEP

1536:nsyLmMZx9N0UP9OvVICpICh+LXXFHTJKqOj:EMhNtCvYLnZTJK5j

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2592 wrote to memory of 1272	2592	26dbd883a0c9f40e4720d18237296033aa752ac42e2797748a18c3f74f403a56.exe	45
PID 2592 wrote to memory of 1272	2592	26dbd883a0c9f40e4720d18237296033aa752ac42e2797748a18c3f74f403a56.exe	45
PID 2592 wrote to memory of 1272	2592	26dbd883a0c9f40e4720d18237296033aa752ac42e2797748a18c3f74f403a56.exe	45
PID 2592 wrote to memory of 1272	2592	26dbd883a0c9f40e4720d18237296033aa752ac42e2797748a18c3f74f403a56.exe	45

memory/1272-133-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/2592-132-0x00000000003F0000-0x00000000009BB000-memory.dmp

Filesize
5.8MB

Download
memory/2592-134-0x00000000003F0000-0x00000000009BB000-memory.dmp

Filesize
5.8MB

Download
memory/2592-135-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download