6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e

Analysis

max time kernel
148s
max time network
167s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 16:54

Target

6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe
Size

524KB
MD5

f6db5ca02bac92a332981455aab5f270
SHA1

bd2d67077ab2dfd2f2c54dba6e17826ab7796c7a
SHA256

6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e
SHA512

d9435358fcbda7bc55f729134676e6d755207f9c6b3968ba8703d2009c9063242434df52b46c58437bd69b8380943b04d0d3d30ef8f74e1c96810dc3bad606a3
SSDEEP

12288:RWLrxsgdLhmvr6IRA0aSqvZVzvBVKXCuapzDBGs:E6g1hmne0a3VzvSXCXD

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe

description	pid	process	target process
PID 1796 wrote to memory of 1208	1796	6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe	6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe
PID 1796 wrote to memory of 1208	1796	6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe	6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe
PID 1796 wrote to memory of 1208	1796	6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe	6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe

C:\Users\Admin\AppData\Local\Temp\6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe
"C:\Users\Admin\AppData\Local\Temp\6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1796

C:\Users\Admin\AppData\Local\Temp\6e8cdc67da94e4126d90525b6ff8a022cbc185846d9175e698dc837d63546f8e.exe
tear
2⤵
PID:1208

memory/1208-133-0x0000000000000000-mapping.dmp

Download
memory/1208-135-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/1208-136-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/1208-137-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/1796-132-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download
memory/1796-134-0x0000000000400000-0x000000000048E000-memory.dmp

Filesize
568KB

Download