5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2

Analysis

max time kernel
33s
max time network
42s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
30/10/2022, 11:24

Target

5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2.exe
Size

165KB
MD5

9350f943685587c65d8f5b5eb2142e60
SHA1

f1d1587b2be1189cd12e40369bd6bbf613f7fcc6
SHA256

5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2
SHA512

37aa20ee1f1ddf8cb072a309b13147fefb4ec79fb88a3673d6f53b492a6ed2744983ba566f1be2ffd2eafdc46fd2e3eda55ba2d94cc6d1aafe00b57f24e72971
SSDEEP

3072:jUAHqAccOD5usDK02jo8G3odHtIN1xYa4OLnS+M5azWRSY:jUxtD4SKdo8yCtIlYa4CaaRY

Score

1^/10

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1720 wrote to memory of 2020	1720	5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2.exe	27
PID 1720 wrote to memory of 2020	1720	5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2.exe	27
PID 1720 wrote to memory of 2020	1720	5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2.exe	27
PID 1720 wrote to memory of 2020	1720	5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2.exe	27

C:\Users\Admin\AppData\Local\Temp\5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2.exe
"C:\Users\Admin\AppData\Local\Temp\5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1720
- C:\Users\Admin\AppData\Local\Temp\5ccab704e05c1f6a7654c1e8ac25ff20a8f9dc0e26f5fd84ea5503ca85cfe1b2.exe
  ?
  2⤵
  PID:2020

memory/1720-54-0x0000000075BD1000-0x0000000075BD3000-memory.dmp

Filesize
8KB

Download
memory/1720-57-0x0000000000400000-0x000000000043D000-memory.dmp

Filesize
244KB

Download
memory/2020-58-0x0000000010000000-0x000000001000C000-memory.dmp

Filesize
48KB

Download
memory/2020-62-0x0000000000400000-0x000000000043D000-memory.dmp

Filesize
244KB

Download