9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992

Analysis

max time kernel
170s
max time network
206s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
03-12-2022 19:17

Target

9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe
Size

256KB
MD5

cca13db6e6ac829b00a0ce5cddcdc7d3
SHA1

47b725255fe9819f2ae2033dfa15c38f1cb1f3d3
SHA256

9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992
SHA512

5b9c82e88a5c3fa7292d492de17c41a7cfb4cd872aa0f51b98447254f338ded16f84b50568324ca4a7cefc5859022c3e055681bb369e1b8c8433541c8019ed0c
SSDEEP

3072:uAznuYOZMYhWLPvnsa/kI9XIxFxk9UOqh4/F5/YiwGSitYcYkrDJHO:rdqMtP/sa/kIlCkGOqh4/zAM

Score

5^/10

Suspicious use of SetThreadContext 2 IoCs

description	pid	Process	procid_target
PID 4524 set thread context of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 2168 set thread context of 0	2168	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe
2168	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 4524 wrote to memory of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 4524 wrote to memory of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 4524 wrote to memory of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 4524 wrote to memory of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 4524 wrote to memory of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 4524 wrote to memory of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 4524 wrote to memory of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 4524 wrote to memory of 2168	4524	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe	81
PID 2168 wrote to memory of 0	2168	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe
PID 2168 wrote to memory of 0	2168	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe
PID 2168 wrote to memory of 0	2168	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe
PID 2168 wrote to memory of 0	2168	9c873a22085c65c00169f383289a1ab1a3827b81b7bb2d0baa009e11c2e8e992.exe

memory/0-139-0x0000000000400000-0x00000000004083A0-memory.dmp

Filesize
32KB

Download
memory/2168-134-0x0000000000000000-mapping.dmp

Download
memory/2168-135-0x0000000000400000-0x0000000000433000-memory.dmp

Filesize
204KB

Download
memory/2168-140-0x0000000000400000-0x0000000000433000-memory.dmp

Filesize
204KB

Download