9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60

Analysis

max time kernel
202s
max time network
215s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
22/11/2022, 00:38

Target

9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe
Size

522KB
MD5

a56001463fff0897a262fb04f19a830f
SHA1

cc1a5ae4cd49b8f52e081d28f1bb4603e79e29aa
SHA256

9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60
SHA512

f0b40dfb9db01e6ccb182bdb36f44c208d203bdb4ea5bed0ab137d0cf1a492aefea9ae293358884f7f6a9ab7467d5b8c517406a16011dc05fea10dd6b9a91a7c
SSDEEP

12288:obdxMo+tiKwCt0q35y18xQqpx8O5K0J6C:obd4ifq35atqpx82J

Score

1^/10

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 520 wrote to memory of 4404	520	9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe	82
PID 520 wrote to memory of 4404	520	9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe	82
PID 520 wrote to memory of 4404	520	9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe	82
PID 520 wrote to memory of 3216	520	9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe	83
PID 520 wrote to memory of 3216	520	9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe	83
PID 520 wrote to memory of 3216	520	9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe	83

C:\Users\Admin\AppData\Local\Temp\9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe
"C:\Users\Admin\AppData\Local\Temp\9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:520
- C:\Users\Admin\AppData\Local\Temp\9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe
  start
  2⤵
  PID:4404
- C:\Users\Admin\AppData\Local\Temp\9f8f05209c401ece65372d992e30feef5c0117ed4ff19990f11f7f8f037c2a60.exe
  watch
  2⤵
  PID:3216

memory/520-132-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/520-135-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/3216-137-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/3216-138-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/3216-141-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/3216-143-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/4404-136-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/4404-139-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/4404-140-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download
memory/4404-142-0x0000000000400000-0x000000000048C000-memory.dmp

Filesize
560KB

Download