4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da

Analysis

max time kernel
41s
max time network
47s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
02-10-2022 05:45

Target

4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da.exe
Size

423KB
MD5

64ab52823b66deee05eef39f3c201f20
SHA1

e674ea4e08b9ddd87695b49af8b34a7c407338f9
SHA256

4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da
SHA512

a0953a5cc11c7e1fd1cf4494a0705108217c30644bd62536c408ed1a6cdf28fd709ab83b9351424d5a740cfd22dc9f2b6bf321c2ad25522e976cbde2b6bf66b8
SSDEEP

6144:aH8SaVvAaeQmV+poX7Jlz25o6sfEgRnPoLur+0kO3SKEDw/W4zBHy1:ahaVne2pIDzh6sNQLI+0MEdzBH+

Score

1^/10

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 900 wrote to memory of 1904	900	4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da.exe	27
PID 900 wrote to memory of 1904	900	4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da.exe	27
PID 900 wrote to memory of 1904	900	4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da.exe	27
PID 900 wrote to memory of 1904	900	4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da.exe	27

C:\Users\Admin\AppData\Local\Temp\4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da.exe
"C:\Users\Admin\AppData\Local\Temp\4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:900
- C:\Users\Admin\AppData\Local\Temp\4db4aba062e3b39e3f3e72b2057cd9e6ccb7a3dd2bc662e45e2dd48f053671da.exe
  tear
  2⤵
  PID:1904

memory/900-54-0x00000000762D1000-0x00000000762D3000-memory.dmp

Filesize
8KB

Download
memory/900-57-0x0000000005000000-0x0000000005056000-memory.dmp

Filesize
344KB

Download
memory/900-55-0x0000000000400000-0x000000000046C000-memory.dmp

Filesize
432KB

Download
memory/900-60-0x0000000005000000-0x0000000005056000-memory.dmp

Filesize
344KB

Download
memory/1904-56-0x0000000000000000-mapping.dmp

Download
memory/1904-59-0x0000000005000000-0x0000000005056000-memory.dmp

Filesize
344KB

Download
memory/1904-61-0x0000000005000000-0x0000000005056000-memory.dmp

Filesize
344KB

Download
memory/1904-62-0x0000000005000000-0x0000000005056000-memory.dmp

Filesize
344KB

Download