46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32

Analysis

max time kernel
47s
max time network
55s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 14:27

Target

46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe
Size

533KB
MD5

cb089c6ead5730a10cb4bdf067d161fe
SHA1

a9c3109266a3210ab04a28a2887c213f0efd9d32
SHA256

46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32
SHA512

d5dbefcf81cca791b257a50e6301e57380f9817f7a5e289ea3d9d63245c43e1c473e43eaf1044d3ca96125f992060593bb072f1b09f0dfad74bf13e79f825693
SSDEEP

12288:Oe4HpuBfVy5RShx0GLM5ChzQ1RVykPjY:IHp/mhx0GLrh01jyY0

Score

1^/10

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe

description	pid	process	target process
PID 1664 wrote to memory of 1972	1664	46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe	46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe
PID 1664 wrote to memory of 1972	1664	46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe	46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe
PID 1664 wrote to memory of 1972	1664	46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe	46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe
PID 1664 wrote to memory of 1972	1664	46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe	46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe

C:\Users\Admin\AppData\Local\Temp\46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe
"C:\Users\Admin\AppData\Local\Temp\46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1664

C:\Users\Admin\AppData\Local\Temp\46a3952bf88f98342c0cf2b252fbaa344d3e89c46a273a35b07ec2207d20bb32.exe
tear
2⤵
PID:1972

memory/1664-54-0x0000000075591000-0x0000000075593000-memory.dmp

Filesize
8KB

Download
memory/1664-56-0x0000000000400000-0x0000000000491000-memory.dmp

Filesize
580KB

Download
memory/1972-55-0x0000000000000000-mapping.dmp

Download
memory/1972-58-0x0000000000400000-0x0000000000491000-memory.dmp

Filesize
580KB

Download
memory/1972-59-0x0000000000400000-0x0000000000491000-memory.dmp

Filesize
580KB

Download