55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d

Analysis

max time kernel
296s
max time network
318s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 14:17

Target

55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe
Size

524KB
MD5

4a4c6f39fbd652651cdf2011ab125554
SHA1

b6b1e395d6cda7fa8aac41c24611929286f1ef06
SHA256

55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d
SHA512

6d03a4eabb6de1846f69f0cfd6edfadd7ee9b461b5727386128f77b4b48c1b3f41f3a3f4bc53489ed0c799743b25734abbc51aa1a8837be0efdb83248bd48b0c
SSDEEP

6144:oglW9pLE0RSp2Uf6hQzsJL7STQcLN5qp2GnyifQ7hCECBZvBVF8X2Vx2FBa3Lm+u:n2awU9steTjw25EVzvBVKXCuapzDBGs

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe

description	pid	process	target process
PID 4972 wrote to memory of 1464	4972	55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe	55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe
PID 4972 wrote to memory of 1464	4972	55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe	55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe
PID 4972 wrote to memory of 1464	4972	55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe	55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe

C:\Users\Admin\AppData\Local\Temp\55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe
"C:\Users\Admin\AppData\Local\Temp\55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4972
- C:\Users\Admin\AppData\Local\Temp\55f9b60fd10bc00f74cee24ec65ea9285410a9dac1eca47eee55750aaca2d69d.exe
  tear
  2⤵
  PID:1464

memory/1464-134-0x0000000000000000-mapping.dmp

Download
memory/1464-136-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/1464-137-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/4972-132-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/4972-133-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/4972-135-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download