88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70

Analysis

max time kernel
144s
max time network
183s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
14/10/2022, 10:04

Target

88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe
Size

31KB
MD5

75ca771d9193949fb5412e85d6d45a39
SHA1

16ff284bda314342cfa8044d7c2a3159418dbaed
SHA256

88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70
SHA512

30e96da3d8da4501ecb80ced34bcc0754ecf5a3824151652e5ce813c92c65d12a9dc24a0bf95a28996e03c835af9e7c703d54ac7cfa243687cb53661425a4f9c
SSDEEP

768:Z+h7TzTBziifTeiZSVWihwEknh0L7OTLeNfQfG:kZ/nEkh8OTKNX

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4508	88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe
4508	88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe
4508	88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe
4508	88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 4508 wrote to memory of 744	4508	88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe	50
PID 4508 wrote to memory of 744	4508	88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe	50
PID 4508 wrote to memory of 744	4508	88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe	50
PID 4508 wrote to memory of 744	4508	88fdff8bcd3c1aad91313ffaf9bc51e49bec712a1a58c32edd42cfe8c8c11a70.exe	50

memory/744-133-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/4508-132-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4508-134-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4508-135-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download