ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3

Analysis

max time kernel
146s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
07-11-2022 09:39

Target

ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3.exe
Size

438KB
MD5

083d7d06157bd18b04eb136701faef50
SHA1

21e07ebf7d9db7ebc173218b84517b687d76de3f
SHA256

ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3
SHA512

bddcdc9901be7ca59245aeef65ddc1c794e196cd8a7fea53cbb8314fb3ac8b1e2fd9098e326ad076804bc26839253bb5ea969fd2d712546ffdf12dd44e9aa473
SSDEEP

6144:FzCkWaVvU/h/sBfKPd39CvQbHmslhnNxGzVXbptGp3YFzHVLR6Wb3ezgcvhqFuB/:tCkShU0PdtCvc/xoVXb3MoFz1xzezV

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2148 wrote to memory of 4560	2148	ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3.exe	81
PID 2148 wrote to memory of 4560	2148	ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3.exe	81
PID 2148 wrote to memory of 4560	2148	ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3.exe	81

C:\Users\Admin\AppData\Local\Temp\ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3.exe
"C:\Users\Admin\AppData\Local\Temp\ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2148
- C:\Users\Admin\AppData\Local\Temp\ec7b25396105da99759f4087300d5bc22e49b9a956ccefd9d906f4167fa169c3.exe
  tear
  2⤵
  PID:4560

memory/2148-134-0x0000000005000000-0x0000000005056000-memory.dmp

Filesize
344KB

Download
memory/2148-133-0x0000000000400000-0x0000000000470000-memory.dmp

Filesize
448KB

Download
memory/4560-132-0x0000000000000000-mapping.dmp

Download
memory/4560-135-0x0000000005000000-0x0000000005056000-memory.dmp

Filesize
344KB

Download
memory/4560-136-0x0000000005000000-0x0000000005056000-memory.dmp

Filesize
344KB

Download