600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04

Analysis

max time kernel
104s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
11-10-2022 14:18

Target

600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe
Size

63KB
MD5

19428dff502b816afda3df9628e8bfff
SHA1

b36b37ee8dc5dd0265a3e2ac7ae1224d5c3bf84f
SHA256

600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04
SHA512

70919530a3beb5e4dc3196c9ae8a1676e9e7cf467ddc986f4db4d89eac6c911899081072d847eadbb5c51a4cb5c0c4d94eb96b67b5986cc8acafe1c3457a5924
SSDEEP

768:+KEiYW9iWBABE77ofUChPkZW413mzN9MJc1ubPfesElU7J3cPad:X99BAO7WU0Pk7NYN+JcK3L7J3d

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4812 set thread context of 2180	4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	84

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2180	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe
2180	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe

Suspicious use of WriteProcessMemory 13 IoCs

description	pid	Process	procid_target
PID 4812 wrote to memory of 2180	4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	84
PID 4812 wrote to memory of 2180	4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	84
PID 4812 wrote to memory of 2180	4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	84
PID 4812 wrote to memory of 2180	4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	84
PID 4812 wrote to memory of 2180	4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	84
PID 4812 wrote to memory of 2180	4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	84
PID 4812 wrote to memory of 2180	4812	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	84
PID 2180 wrote to memory of 2416	2180	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	39
PID 2180 wrote to memory of 2416	2180	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	39
PID 2180 wrote to memory of 2416	2180	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	39
PID 2180 wrote to memory of 2416	2180	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	39
PID 2180 wrote to memory of 2416	2180	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	39
PID 2180 wrote to memory of 2416	2180	600fc76a3103f090a85c73578abba8115fa2f4fa480747a83ccc845755d77f04.exe	39

memory/2180-134-0x0000000000000000-mapping.dmp

Download
memory/2180-135-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2180-137-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2180-138-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/2180-140-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2416-139-0x000000007FFC0000-0x000000007FFC6000-memory.dmp

Filesize
24KB

Download