35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8

Analysis

max time kernel
91s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 14:36

Target

35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe
Size

524KB
MD5

afb49d9f14ae55c0d01cb88ec6479060
SHA1

6cc325a21f465c696a9a2833e7c73e07312fa8f1
SHA256

35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8
SHA512

a2eb49fbea781b570c80fbfe9cbcb31e7864d3408ce6fd7b268b69de4bab50f7d5c66a10c326f32610f94d6c10dc089ebca0e42b5db883af99df36706bf1acc7
SSDEEP

6144:NKiCZ9ueXhpe44QcioqJid8tZnzvCdLtXYizIvayFKZKvCECBZvBVF8X2Vx2FBaT:W3LXO0ciqdfNMFirVzvBVKXCuapzDBG

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe

description	pid	process	target process
PID 4256 wrote to memory of 3308	4256	35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe	35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe
PID 4256 wrote to memory of 3308	4256	35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe	35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe
PID 4256 wrote to memory of 3308	4256	35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe	35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe

C:\Users\Admin\AppData\Local\Temp\35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe
"C:\Users\Admin\AppData\Local\Temp\35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4256

C:\Users\Admin\AppData\Local\Temp\35451588ad1d90e6616695be56ab41b60e79535e35d06d8f7410869bc77fa6f8.exe
tear
2⤵
PID:3308

memory/3308-133-0x0000000000000000-mapping.dmp

Download
memory/3308-135-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/3308-136-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/3308-137-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/3308-138-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/4256-132-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/4256-134-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download