dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd

Analysis

max time kernel
175s
max time network
195s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
04/12/2022, 14:18

Target

dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe
Size

115KB
MD5

8984da2022b0596d8fec5c18030f5e15
SHA1

c3dd6970df9e8e01edca7693c1b16a17f3fd03c3
SHA256

dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd
SHA512

f95178e9f3aace50bb59adc18c7c6dc5ead064c80dabbf0dd91663313f2cc8ef5d64e18e62c04164985c9571e5f0bd357075860aec95af040f78783e08a8bec6
SSDEEP

1536:3q7Gx48FEcE9oKm/7S3h4kOYyIu0srBvaIjT6wBa3SGclpllqU0SUDjfb26S3:3by79oK423R6BhraivprqU07Djfb2P3

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe
2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe
2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe
2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2900 wrote to memory of 700	2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe	51
PID 2900 wrote to memory of 700	2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe	51
PID 2900 wrote to memory of 700	2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe	51
PID 2900 wrote to memory of 700	2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe	51
PID 2900 wrote to memory of 700	2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe	51
PID 2900 wrote to memory of 700	2900	dd61b2428b53870a8ac04bf9405f4c6f3fbffa1aa8115b82393a9524b5e637cd.exe	51

memory/700-134-0x000000007FFC0000-0x000000007FFC6000-memory.dmp

Filesize
24KB

Download
memory/2900-132-0x0000000000400000-0x0000000000420000-memory.dmp

Filesize
128KB

Download
memory/2900-133-0x0000000010000000-0x0000000010011000-memory.dmp

Filesize
68KB

Download
memory/2900-135-0x0000000000400000-0x0000000000420000-memory.dmp

Filesize
128KB

Download
memory/2900-136-0x0000000010000000-0x0000000010011000-memory.dmp

Filesize
68KB

Download