91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4

Analysis

max time kernel
90s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 13:39

Target

91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe
Size

524KB
MD5

7fd52eb7da4511a714144849d704d99e
SHA1

08be02dfc1a85deb0287259a20d48794851f3f1e
SHA256

91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4
SHA512

fa28b925e2a1c094f18ede94b257e70407c8104bc5d8cb77ae351c8539202fc9b973773de2d6489e57897b11014e5ac19bf1534bc776d46ac86bebfade3300bd
SSDEEP

12288:haCoF4RL19McSapxpArBuwBVzvBVKXCuapzDBGf:hxR5FpxOpVzvSXCXD

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe

description	pid	process	target process
PID 5060 wrote to memory of 4688	5060	91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe	91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe
PID 5060 wrote to memory of 4688	5060	91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe	91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe
PID 5060 wrote to memory of 4688	5060	91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe	91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe

C:\Users\Admin\AppData\Local\Temp\91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe
"C:\Users\Admin\AppData\Local\Temp\91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:5060

C:\Users\Admin\AppData\Local\Temp\91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe
tear
2⤵
PID:4688

memory/4688-134-0x0000000000000000-mapping.dmp

Download
memory/4688-136-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/4688-137-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/4688-138-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/4688-139-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/5060-132-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/5060-133-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/5060-135-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download