f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64

Analysis

max time kernel
171s
max time network
178s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
06/11/2022, 11:07

Target

f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe
Size

31KB
MD5

1a774bf540eb53ee23a3989ae0f12990
SHA1

a203dbba8615c57695da4db213e847c89b36c9fc
SHA256

f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64
SHA512

34926c1a9db34f004c26e6a99f1b730c8b40950efcf2bdaf84452003a846199269ff4b19c5669ddc8a4d1ff02dad6be3c7d5bd1773eda6c037a029a3511f9833
SSDEEP

768:Z+h7TzTBziifTeiZSVWihwEknh0L7OTLeNfQf2S:kZ/nEkh8OTKN3S

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
5044	f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe
5044	f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe
5044	f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe
5044	f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 5044 wrote to memory of 2720	5044	f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe	39
PID 5044 wrote to memory of 2720	5044	f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe	39
PID 5044 wrote to memory of 2720	5044	f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe	39
PID 5044 wrote to memory of 2720	5044	f0c5166ed6441141f374d46960d8ffa37178f0cb16318da332ba910ed4bbac64.exe	39

memory/2720-133-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/5044-132-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/5044-134-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/5044-135-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download