74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4

Analysis

max time kernel
19s
max time network
47s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
29/11/2022, 07:47

Target

74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4.exe
Size

126KB
MD5

4a09b71a15391a3632a3962397d45968
SHA1

94e1be299bbd3cab4f3a83053d63e963a1e56540
SHA256

74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4
SHA512

a7fa695191ddba38858355baec7b2b78fb96fba3adeb9f0843d4dfc5ab4bfe0a6c0ca9bc2e68393fd9400d8bfd74ab451fcaa40acc22d8cd9ca99eb8e80f6704
SSDEEP

3072:7AnGgRwDKxt7ENHeuO2KOSLgk5yGqO3N:0GgvEN+uOeKRqaN

Score

1^/10

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 848 wrote to memory of 2040	848	74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4.exe	27
PID 848 wrote to memory of 2040	848	74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4.exe	27
PID 848 wrote to memory of 2040	848	74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4.exe	27
PID 848 wrote to memory of 2040	848	74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4.exe	27

C:\Users\Admin\AppData\Local\Temp\74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4.exe
"C:\Users\Admin\AppData\Local\Temp\74623d337d8fb5333cd511666c14948cab8f7ebee2eb5341661c556568a466f4.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:848
- C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
  dw20.exe -x -s 400
  2⤵
  PID:2040

memory/848-54-0x0000000075ED1000-0x0000000075ED3000-memory.dmp

Filesize
8KB

Download
memory/848-57-0x0000000074DC0000-0x000000007536B000-memory.dmp

Filesize
5.7MB

Download
memory/848-58-0x0000000074DC0000-0x000000007536B000-memory.dmp

Filesize
5.7MB

Download