cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52

Analysis

max time kernel
154s
max time network
172s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
01/12/2022, 17:35

Target

cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe
Size

1.1MB
MD5

5b6dc56b0ab0d2ce8b74da617ddc3b62
SHA1

9d5353f5b7e7dedd48f03b3236f73c980cf0fa29
SHA256

cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52
SHA512

65d1ac92273c4fd437096397af81e0d211e93b0e278d236c10e00260008eed8eb1aba3d441095933d1291af84ed9face179b63425e15d8dcb65f51d2e06c4f72
SSDEEP

24576:fddg/E7bCmsjOIK136PChmraBPpwQuiyIakELopK9KmXwvToW5K:fDg/f8KPChJlrL8owKbvxU

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 384 set thread context of 1968	384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	80

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
1968	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe
1968	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe
1968	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe
1968	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe
384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 384 wrote to memory of 1968	384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	80
PID 384 wrote to memory of 1968	384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	80
PID 384 wrote to memory of 1968	384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	80
PID 384 wrote to memory of 1968	384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	80
PID 384 wrote to memory of 1968	384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	80
PID 384 wrote to memory of 1968	384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	80
PID 384 wrote to memory of 1968	384	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	80
PID 1968 wrote to memory of 2740	1968	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	60
PID 1968 wrote to memory of 2740	1968	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	60
PID 1968 wrote to memory of 2740	1968	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	60
PID 1968 wrote to memory of 2740	1968	cbeb9f11f46fb888b9128c66033cc2f32723540be3a37fb8b332115d02cfca52.exe	60

memory/384-132-0x0000000000400000-0x0000000000942000-memory.dmp

Filesize
5.3MB

Download
memory/384-138-0x0000000000400000-0x0000000000942000-memory.dmp

Filesize
5.3MB

Download
memory/1968-136-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1968-139-0x0000000000400000-0x0000000000408960-memory.dmp

Filesize
34KB

Download
memory/1968-141-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/2740-140-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download