227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8

Analysis

max time kernel
140s
max time network
30s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
06/12/2022, 14:03

Target

227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8.exe
Size

116KB
MD5

ab1a3edf51ef3741d04940601f79153a
SHA1

46d8d1eefad93bedda5d5eef441cd6ac933f6d38
SHA256

227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8
SHA512

cc8cdcb37d35823f782e6696e6214ad33a36b2a16aa3d58f06a49df53e730954dba9c8e280c4b2a8dd159669bdeab9210f46e8d4bc8bf30d448943bd568ee598
SSDEEP

3072:SLd3/Ed1zRj8ORNXB/DZ8wkqF49uP8FnZvdONSOCvLyOf3cFxnnnnnnnA:SLd3/Ed1zRj8ORNXZZ8wkqF49DFnZvdl

Score

1^/10

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1052	dw20.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1264 wrote to memory of 1052	1264	227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8.exe	28
PID 1264 wrote to memory of 1052	1264	227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8.exe	28
PID 1264 wrote to memory of 1052	1264	227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8.exe	28
PID 1264 wrote to memory of 1052	1264	227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8.exe	28

C:\Users\Admin\AppData\Local\Temp\227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8.exe
"C:\Users\Admin\AppData\Local\Temp\227ebc91c9cd8dea16070d8ec1e0f136e8ba8f75d431f9af12918432da5b45a8.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1264
- C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
  dw20.exe -x -s 408
  2⤵
  - Suspicious behavior: GetForegroundWindowSpam
  PID:1052

memory/1264-54-0x0000000075291000-0x0000000075293000-memory.dmp

Filesize
8KB

Download
memory/1264-57-0x0000000074100000-0x00000000746AB000-memory.dmp

Filesize
5.7MB

Download
memory/1264-58-0x0000000074100000-0x00000000746AB000-memory.dmp

Filesize
5.7MB

Download