ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca

Analysis

max time kernel
151s
max time network
159s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
03/12/2022, 17:30

Target

ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe
Size

217KB
MD5

8d1f3b81eb35c5aba7eb3fa3972bb571
SHA1

8963486e323826a389df27de5ef50c7df573e2f7
SHA256

ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca
SHA512

8c0856e58b2c532dc660d089fce8d85588796fa6a0c3f5dcfc4b468fdc5ea1f6805eec1a4476034e37d983a7a3d7284e6f6ae6fca06a059fe5fe28fca36c0bcd
SSDEEP

3072:md1fOZVUe92h0YK7DG+zdy3+P+kdMMKw4iPl7Wimf357RomDgWqI:Ii0tfJRomDcI

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 984 set thread context of 4856	984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	82

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
4856	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe
4856	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe
4856	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe
4856	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 984 wrote to memory of 4856	984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	82
PID 984 wrote to memory of 4856	984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	82
PID 984 wrote to memory of 4856	984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	82
PID 984 wrote to memory of 4856	984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	82
PID 984 wrote to memory of 4856	984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	82
PID 984 wrote to memory of 4856	984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	82
PID 984 wrote to memory of 4856	984	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	82
PID 4856 wrote to memory of 1084	4856	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	25
PID 4856 wrote to memory of 1084	4856	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	25
PID 4856 wrote to memory of 1084	4856	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	25
PID 4856 wrote to memory of 1084	4856	ccf103f47a649613b7dc6bfca34be3c686e113ecb231c244edc27a93325558ca.exe	25

memory/984-132-0x0000000000400000-0x0000000000433000-memory.dmp

Filesize
204KB

Download
memory/984-138-0x0000000000400000-0x0000000000433000-memory.dmp

Filesize
204KB

Download
memory/1084-140-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/4856-136-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4856-139-0x0000000000400000-0x00000000004083A0-memory.dmp

Filesize
32KB

Download
memory/4856-141-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download