226f48d641844cff14ec5eace5bab1a872d878f663af546703235eda81ec0a5e

Analysis

max time kernel
44s
max time network
50s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
27/11/2022, 03:40

Target

fifa-15-2014.torrent.exe
Size

575KB
MD5

ed66ec86b5ae7da793cb9295a7d6cbb6
SHA1

b1ce421df38ee04dabfe97383f96c1a77cf9a1e8
SHA256

6fc112d58818bea3746a52bf0afe31106402373bf16dec01c4befc5e71f52320
SHA512

a73e1dda5051e6393164760329557dd846fe057b8a02b30f0095b04f7950822f9a8e7bd7f9fd4b7966bf9f33806e5ad5d35b5ed9c34058ea1f51f4d16c761654
SSDEEP

12288:ruIZNSEtfUwrzqB9/hkLNEGkV973pN8LjH1FVABN2A:i7weM8X7ZtN2A

Score

1^/10

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 1816 wrote to memory of 1108	1816	fifa-15-2014.torrent.exe	27
PID 1816 wrote to memory of 1108	1816	fifa-15-2014.torrent.exe	27
PID 1816 wrote to memory of 1108	1816	fifa-15-2014.torrent.exe	27
PID 1816 wrote to memory of 1108	1816	fifa-15-2014.torrent.exe	27
PID 1816 wrote to memory of 900	1816	fifa-15-2014.torrent.exe	28
PID 1816 wrote to memory of 900	1816	fifa-15-2014.torrent.exe	28
PID 1816 wrote to memory of 900	1816	fifa-15-2014.torrent.exe	28
PID 1816 wrote to memory of 900	1816	fifa-15-2014.torrent.exe	28

C:\Users\Admin\AppData\Local\Temp\fifa-15-2014.torrent.exe
"C:\Users\Admin\AppData\Local\Temp\fifa-15-2014.torrent.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1816
- C:\Users\Admin\AppData\Local\Temp\fifa-15-2014.torrent.exe
  start
  2⤵
  PID:1108
- C:\Users\Admin\AppData\Local\Temp\fifa-15-2014.torrent.exe
  watch
  2⤵
  PID:900

memory/900-63-0x0000000000535000-0x0000000000546000-memory.dmp

Filesize
68KB

Download
memory/900-62-0x0000000005000000-0x0000000005069000-memory.dmp

Filesize
420KB

Download
memory/900-67-0x0000000005000000-0x0000000005069000-memory.dmp

Filesize
420KB

Download
memory/1108-64-0x0000000005000000-0x0000000005069000-memory.dmp

Filesize
420KB

Download
memory/1108-65-0x00000000008A5000-0x00000000008B6000-memory.dmp

Filesize
68KB

Download
memory/1108-66-0x0000000005000000-0x0000000005069000-memory.dmp

Filesize
420KB

Download
memory/1816-54-0x0000000075AC1000-0x0000000075AC3000-memory.dmp

Filesize
8KB

Download
memory/1816-57-0x0000000000400000-0x0000000000490000-memory.dmp

Filesize
576KB

Download
memory/1816-60-0x0000000005000000-0x0000000005069000-memory.dmp

Filesize
420KB

Download
memory/1816-61-0x00000000007E5000-0x00000000007F6000-memory.dmp

Filesize
68KB

Download