983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b

Analysis

max time kernel
52s
max time network
130s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
07/11/2022, 11:34

Target

983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe
Size

316KB
MD5

041a8075856c61a02a79a0b382ad6e49
SHA1

3a7092643840173f7efa9eb343ef7e5670c0c068
SHA256

983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b
SHA512

5f504b8bf04d24dc791d0ab62c1be4cc87486a4b3cb041021d421d54d7d2b243658337dba6f145283544781868b5758a5c38ee04d7793b399e1b8068cfd1ffd2
SSDEEP

6144:GEYZeu+PEb7jtwLCYA5Sb0FMnP+2iKbCOOW229vY6SlTXjFt29:weu+PGPtwL3VP+2DG0pCVpt29

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 956 set thread context of 644	956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	80

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
644	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe
644	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe
644	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe
644	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 956 wrote to memory of 644	956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	80
PID 956 wrote to memory of 644	956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	80
PID 956 wrote to memory of 644	956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	80
PID 956 wrote to memory of 644	956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	80
PID 956 wrote to memory of 644	956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	80
PID 956 wrote to memory of 644	956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	80
PID 956 wrote to memory of 644	956	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	80
PID 644 wrote to memory of 2228	644	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	53
PID 644 wrote to memory of 2228	644	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	53
PID 644 wrote to memory of 2228	644	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	53
PID 644 wrote to memory of 2228	644	983e2029d9ca5aef572650a6b0dc67b2e75a3f6a70692fcd03a1c11815366d1b.exe	53

memory/644-137-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/644-141-0x0000000000400000-0x0000000000408960-memory.dmp

Filesize
34KB

Download
memory/644-143-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/956-132-0x0000000000400000-0x0000000000458000-memory.dmp

Filesize
352KB

Download
memory/956-133-0x0000000000A30000-0x0000000000A7E000-memory.dmp

Filesize
312KB

Download
memory/956-139-0x0000000000A30000-0x0000000000A7E000-memory.dmp

Filesize
312KB

Download
memory/956-140-0x0000000000400000-0x0000000000458000-memory.dmp

Filesize
352KB

Download
memory/2228-142-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download