b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca

Analysis

max time kernel
163s
max time network
170s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 13:17

Target

b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe
Size

524KB
MD5

02a77e000fff2395d8dc9ddcf1ac9c9e
SHA1

4cc12615c4788e4adbdf32468462cd9d53fc2d42
SHA256

b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca
SHA512

d31159f4b452c7b91145b877bf53a41dce8c15745ed1f6e25a812bf1ecf021d3ca052827d95ac474b2b35cb235fc1fd25c7d60c1e28ad4a56d326e2c9057142a
SSDEEP

12288:d6KEoKyIJUuTFbL10CQPVzvBVKXCuapzDBG:dcoA59L10rPVzvSXCXD

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe

description	pid	process	target process
PID 516 wrote to memory of 3384	516	b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe	b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe
PID 516 wrote to memory of 3384	516	b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe	b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe
PID 516 wrote to memory of 3384	516	b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe	b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe

C:\Users\Admin\AppData\Local\Temp\b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe
"C:\Users\Admin\AppData\Local\Temp\b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:516
- C:\Users\Admin\AppData\Local\Temp\b6116be52240d1d04ccad28070b7210520c9af4fd71f7f1e98c25bfd280b9bca.exe
  tear
  2⤵
  PID:3384

memory/516-133-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/3384-132-0x0000000000000000-mapping.dmp

Download
memory/3384-134-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/3384-135-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/3384-136-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download