700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1

Analysis

max time kernel
160s
max time network
188s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
27-11-2022 12:14

Target

700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe
Size

515KB
MD5

c045e4cad17a8629a3028a32c8ae07e9
SHA1

942bc50aa13cae6620f3807148a3d23d71121b5c
SHA256

700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1
SHA512

34c3126bb2e5513d8235fe4006855055065e820e0b7122e961e481ef753758260c9343acc11b1a7c7167508d00d2188894ea3d12cb8b6e0719258c7526da45e9
SSDEEP

6144:j9gtoDyD9Ag9rIywgibXtoKLveqvr9SMI0LvJcz4XiOVOvli8xfDyND6KcaJOa8x:GRAXb7toKLvbXXlPQwDR2z

Score

1^/10

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 4744 wrote to memory of 3472	4744	700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe	86
PID 4744 wrote to memory of 3472	4744	700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe	86
PID 4744 wrote to memory of 3472	4744	700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe	86
PID 4744 wrote to memory of 4460	4744	700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe	85
PID 4744 wrote to memory of 4460	4744	700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe	85
PID 4744 wrote to memory of 4460	4744	700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe	85

C:\Users\Admin\AppData\Local\Temp\700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe
"C:\Users\Admin\AppData\Local\Temp\700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4744
- C:\Users\Admin\AppData\Local\Temp\700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe
  watch
  2⤵
  PID:4460
- C:\Users\Admin\AppData\Local\Temp\700bda060a00cd766b3e044559213d1ddab1d119058107fab178bc54d851a8b1.exe
  start
  2⤵
  PID:3472

memory/3472-133-0x0000000000000000-mapping.dmp

Download
memory/3472-136-0x0000000000400000-0x0000000000486000-memory.dmp

Filesize
536KB

Download
memory/3472-138-0x0000000000400000-0x0000000000486000-memory.dmp

Filesize
536KB

Download
memory/3472-140-0x0000000000400000-0x0000000000486000-memory.dmp

Filesize
536KB

Download
memory/4460-134-0x0000000000000000-mapping.dmp

Download
memory/4460-137-0x0000000000400000-0x0000000000486000-memory.dmp

Filesize
536KB

Download
memory/4460-139-0x0000000000400000-0x0000000000486000-memory.dmp

Filesize
536KB

Download
memory/4460-141-0x0000000000400000-0x0000000000486000-memory.dmp

Filesize
536KB

Download
memory/4744-132-0x0000000000400000-0x0000000000486000-memory.dmp

Filesize
536KB

Download
memory/4744-135-0x0000000000400000-0x0000000000486000-memory.dmp

Filesize
536KB

Download