728e28f347fc80965e55ba6043d444524279bf2b25197b4e0238703e1d39b736

Analysis

max time kernel
150s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 23:48

Target

728e28f347fc80965e55ba6043d444524279bf2b25197b4e0238703e1d39b736.exe
Size

31KB
MD5

362b576a1479ace05b8dec534830d1c7
SHA1

1832fe490b6411970b440a16775808677a49ca59
SHA256

728e28f347fc80965e55ba6043d444524279bf2b25197b4e0238703e1d39b736
SHA512

eb8d92c2cf5b197d974ee6ead44bfdf433ef49ca783722e5dba23266b0965f8b8148fab27c984c7fceaec2ca2b7605603e0ba1e98e79fb8e1bfd1f3021a1a574
SSDEEP

768:Z+h7TzTBziifTeiZSVWihwEknh0L7OTLeNfQfd:kZ/nEkh8OTKNM

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 3140 wrote to memory of 2596	3140	728e28f347fc80965e55ba6043d444524279bf2b25197b4e0238703e1d39b736.exe	31
PID 3140 wrote to memory of 2596	3140	728e28f347fc80965e55ba6043d444524279bf2b25197b4e0238703e1d39b736.exe	31
PID 3140 wrote to memory of 2596	3140	728e28f347fc80965e55ba6043d444524279bf2b25197b4e0238703e1d39b736.exe	31
PID 3140 wrote to memory of 2596	3140	728e28f347fc80965e55ba6043d444524279bf2b25197b4e0238703e1d39b736.exe	31

memory/2596-133-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3140-132-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/3140-134-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/3140-135-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download