cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1

Analysis

max time kernel
229s
max time network
336s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
02/12/2022, 18:14

Target

cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe
Size

333KB
MD5

518182eebb1e3d236a85a0addde77dee
SHA1

29ebeb3e5dbdc6bd7a3c59bd5a37dd2ff5f29e1f
SHA256

cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1
SHA512

d5c32f76ece42ddecc518c914ce8ab450c4c9381d225918f5254bfed893567af6799633e15053ba1f6b5c4a48c19ba7e49a40d7274380e09e4343282fec4e5d3
SSDEEP

6144:bKDe8XK2Tpbv3S/ZRbpRbIzHciWyks0GwPrC4d49Gd84wJUaDqGJlQBp:eDe8621bMZLRIzHciDsjvb6J7PM

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 360 set thread context of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28
PID 360 wrote to memory of 520	360	cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe	28

C:\Users\Admin\AppData\Local\Temp\cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe
"C:\Users\Admin\AppData\Local\Temp\cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:360
- C:\Users\Admin\AppData\Local\Temp\cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe
  "C:\Users\Admin\AppData\Local\Temp\cc24f29d0666fcb4c3bd84be8574399ff194380a3356a0ae9a55b8d3245ccca1.exe"
  2⤵
  PID:520

memory/360-54-0x0000000000400000-0x0000000000458000-memory.dmp

Filesize
352KB

Download
memory/360-64-0x0000000000400000-0x0000000000458000-memory.dmp

Filesize
352KB

Download
memory/520-55-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/520-56-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/520-58-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/520-59-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/520-61-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/520-65-0x0000000075C11000-0x0000000075C13000-memory.dmp

Filesize
8KB

Download
memory/520-66-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download