ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999

Analysis

max time kernel
151s
max time network
169s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
27/11/2022, 15:16

Target

ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe
Size

507KB
MD5

14e469f8a581af4021eaa1a2c265bc9e
SHA1

c75fa672d14818ea8ef5418d7a3d2eff1e584424
SHA256

ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999
SHA512

68217a59042244dcf412fcc9da138f29dab0356357fec0c034682c908cce585cc7e873c575789e3bc9d39cef3824d3a67debbccb58eba3128c030766d89c8d14
SSDEEP

6144:ulCnzZj7iwLJ+uDKrVuAML6TngEKwrh9qu2X/wfVpDlNYE13sfu5DCzIcN5fcFkF:62Xd/jEKkcxX/6Bcssxz4AWW

Score

1^/10

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2000 wrote to memory of 4880	2000	ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe	83
PID 2000 wrote to memory of 4880	2000	ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe	83
PID 2000 wrote to memory of 4880	2000	ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe	83
PID 2000 wrote to memory of 2140	2000	ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe	84
PID 2000 wrote to memory of 2140	2000	ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe	84
PID 2000 wrote to memory of 2140	2000	ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe	84

C:\Users\Admin\AppData\Local\Temp\ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe
"C:\Users\Admin\AppData\Local\Temp\ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2000
- C:\Users\Admin\AppData\Local\Temp\ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe
  start
  2⤵
  PID:4880
- C:\Users\Admin\AppData\Local\Temp\ae4009ef0959023c312b7d25fb5d8bd586fc3a9b9d4aef5defdddc66d2f1d999.exe
  watch
  2⤵
  PID:2140

memory/2000-132-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2000-135-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2140-137-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2140-139-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/2140-140-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/4880-136-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download
memory/4880-138-0x0000000000400000-0x0000000000484000-memory.dmp

Filesize
528KB

Download