5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38

Analysis

max time kernel
52s
max time network
55s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
29/10/2022, 00:39

Target

5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38.exe
Size

128KB
MD5

0c7fd26e26185c53b8c865e17729bb31
SHA1

d8831a5de387919a5d2cf2aacd70db645aec59b3
SHA256

5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38
SHA512

3b27d458e9a2ad0ca13c341b5c973138bda06d6eb4b4e576be37983a97abfbe7f0fbe0e4946591ca743ea3c55102645a4db26ec4b85567bb4221f1fb6c7ac316
SSDEEP

1536:Iq4TAvL6qpc0TdP0bjp7RyI+SzHZYN0xxqrL9MmRm646PH54LU3QIWNRFtuXo2Dj:f1vJyH8Sz5i0xcNMmiO3+zFGo2vCJnu

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
4292	5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 4292 wrote to memory of 2064	4292	5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38.exe	37
PID 4292 wrote to memory of 2064	4292	5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38.exe	37
PID 4292 wrote to memory of 2064	4292	5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38.exe	37
PID 4292 wrote to memory of 2064	4292	5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38.exe	37
PID 4292 wrote to memory of 2064	4292	5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38.exe	37
PID 4292 wrote to memory of 2064	4292	5c051ca2684b737f37fa56c244147ddab8e206419b8ca68160545a93866e3a38.exe	37

memory/2064-136-0x00000000004F0000-0x00000000004F9000-memory.dmp

Filesize
36KB

Download
memory/2064-135-0x0000000000FF0000-0x0000000000FFE000-memory.dmp

Filesize
56KB

Download
memory/2064-137-0x00000000004F0000-0x00000000004F9000-memory.dmp

Filesize
36KB

Download
memory/4292-134-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download