Analysis
- max time kernel: 142s
- max time network: 170s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 11-10-2022 23:30
Static task: static1
Behavioral task: behavioral1
- Sample: 0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe
- Resource: win10v2004-20220812-en
General
- Target: 0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe
- Size: 179KB
- MD5: 6756cc41d208c82735ff819cb6c15770
- SHA1: aab0ad8ac9557ac2d4dec1b7ff47827eb156132c
- SHA256: 0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5
- SHA512: e035da034dc3ec57e16adcac92ad2b9324d860580dc8d43ad599d48200991e7d34670fff73ff6dce873abcdb9d3c9b21a2b0762a3d1fcd10d34a815bc5771ba9
- SSDEEP: 3072:HoHraiMOfPD6pN+/WgSLq5cLU6CyEmR46pY/DlEQh:U+B+D6pNtEyBR9y/DlEO
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 4280 wrote to memory of 736 | 4280 | 0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe | 82
  PID 4280 wrote to memory of 736 | 4280 | 0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe | 82
  PID 4280 wrote to memory of 736 | 4280 | 0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe | 82
Processes
- C:\Users\Admin\AppData\Local\Temp\0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe
  "C:\Users\Admin\AppData\Local\Temp\0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe"
  - Suspicious use of WriteProcessMemory
  - PID:4280
  - C:\Users\Admin\AppData\Local\Temp\0a74dd2de0583dcc7ce2f44a19e638843522045b99146904054a86cc8ca576c5.exe?
    PID:736