77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf

Analysis

max time kernel
47s
max time network
75s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 13:56

Target

77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe
Size

524KB
MD5

99c1dc8abed52a340d729477f1329966
SHA1

dd8ab299db817d6edcd22989ad779d7c476bf25a
SHA256

77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf
SHA512

aca6726905bd5bc3d6a87fb75288cb13b4c010f6fb60d64042160d77dc5fc715a7ac410e2e54b239820f41de903b8b8f37e1ae55fcbdca3c11d222621430e843
SSDEEP

12288:AZqUXI+mdt50FQxbGoh8VzvBVKXCuapzDBG:cqGIlLquIY8VzvSXCXD

Score

1^/10

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe

description	pid	process	target process
PID 772 wrote to memory of 1636	772	77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe	77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe
PID 772 wrote to memory of 1636	772	77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe	77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe
PID 772 wrote to memory of 1636	772	77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe	77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe
PID 772 wrote to memory of 1636	772	77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe	77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe

C:\Users\Admin\AppData\Local\Temp\77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe
"C:\Users\Admin\AppData\Local\Temp\77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:772
- C:\Users\Admin\AppData\Local\Temp\77db040e06faf11d0306351188fa0093c37670a4d03f3cc2f189bb8a6deaf8cf.exe
  tear
  2⤵
  PID:1636

memory/772-54-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/772-55-0x0000000075D01000-0x0000000075D03000-memory.dmp

Filesize
8KB

Download
memory/772-57-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/1636-56-0x0000000000000000-mapping.dmp

Download
memory/1636-59-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/1636-60-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download