a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d

Analysis

max time kernel
152s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 13:28

Target

a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe
Size

524KB
MD5

e9f14ebd3b01583190124fcfa3b543f6
SHA1

2f829be00cc488329e3122060de47dad1d0db143
SHA256

a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d
SHA512

6609e23cb4f8a49f27c35a51b04836c907687e9e34f47d8313e0c487f5074a9614a8f952b8c6c9e57dd4d07b25f678553092008bc6f47c9bf8e2a4dc02952b41
SSDEEP

6144:ed0oh4r81+xpjqT7s407XgehobDYE2T1wdsrbww+VCECBZvBVF8X2Vx2FBa3Lm+G:evk874WD+dbvVzvBVKXCuapzDBGI

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe

description	pid	process	target process
PID 1628 wrote to memory of 2172	1628	a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe	a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe
PID 1628 wrote to memory of 2172	1628	a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe	a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe
PID 1628 wrote to memory of 2172	1628	a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe	a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe

C:\Users\Admin\AppData\Local\Temp\a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe
"C:\Users\Admin\AppData\Local\Temp\a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1628

C:\Users\Admin\AppData\Local\Temp\a6cb49e0b77a260b60429edc36162d3099d2e68d72a69f0acc0756ea59da051d.exe
tear
2⤵
PID:2172

memory/1628-132-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/1628-134-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/2172-133-0x0000000000000000-mapping.dmp

Download
memory/2172-135-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/2172-136-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/2172-137-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/2172-138-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download