54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789

Analysis

max time kernel
38s
max time network
31s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 11:15

Target

54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe
Size

120KB
MD5

ae54e383864f66e86c1c8c41cb0560ae
SHA1

73fcc73a4eb2eecc27cf5ca2759ad66ee48e4243
SHA256

54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789
SHA512

d9e5320b1d2665c9e748ba38d13e464278db88f3bc023215b00a5e47e3a039ce1e17aabb35cc762af9d113029ebaa36b1142b02d09e22d7f9f881cf083b2419e
SSDEEP

3072:gqcZMrpJEecS2ALhkkaeQ0wOxK+RJdpdr:gqcZgDEe5V0SJd7

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes:

54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe

pid process

936 54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe
Suspicious use of UnmapMainImage 1 IoCs

Processes:

54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe

pid process

936 54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe

pid	process
936	54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe

pid	process
936	54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe

Suspicious use of WriteProcessMemory 5 IoCs

Processes:

54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe

description	pid	process	target process
PID 936 wrote to memory of 1216	936	54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe	Explorer.EXE
PID 936 wrote to memory of 1216	936	54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe	Explorer.EXE
PID 936 wrote to memory of 1216	936	54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe	Explorer.EXE
PID 936 wrote to memory of 1216	936	54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe	Explorer.EXE
PID 936 wrote to memory of 1216	936	54db270b9ca4df9852f2321dbb8d136cd4137f0a2a6df03799ce2ce9f2cfe789.exe	Explorer.EXE

memory/936-54-0x0000000075AE1000-0x0000000075AE3000-memory.dmp

Filesize
8KB

Download
memory/936-55-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/936-56-0x0000000000220000-0x000000000023D000-memory.dmp

Filesize
116KB

Download
memory/936-57-0x0000000000400000-0x0000000000434000-memory.dmp

Filesize
208KB

Download
memory/936-58-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download