c86383dd738f99fe7a189231627b9c40816843a31b9d2137b65037c20e7e1a43

Analysis

max time kernel
21s
max time network
35s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
15-01-2023 22:04

Target

discordnitro_sniper_exec.exe
Size

3.1MB
MD5

d2cf7f138e63de39f8881eda11b3a9a6
SHA1

bf74d6f6cadada7a6f0aa110493f62d51e13b0bb
SHA256

c86383dd738f99fe7a189231627b9c40816843a31b9d2137b65037c20e7e1a43
SHA512

62eea09175053e4931eaf15b728eba231872887f2a18469193a3c3f177cd07d35e38ee719478c15ced90b36fa8cc10c2a3f0361e28604cc0f840055859a7ea9d
SSDEEP

24576:uA2s0qh8SbkZmBfPihpigcXJCGL4ghNuGkIYFem5+Ec0xMki8UsU3Aoez5hMMXqQ:uA2s0qhQZmBfPXho1z5hMMXq8NVVD

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1552 wrote to memory of 948	1552	discordnitro_sniper_exec.exe	29
PID 1552 wrote to memory of 948	1552	discordnitro_sniper_exec.exe	29
PID 1552 wrote to memory of 948	1552	discordnitro_sniper_exec.exe	29

C:\Users\Admin\AppData\Local\Temp\discordnitro_sniper_exec.exe
"C:\Users\Admin\AppData\Local\Temp\discordnitro_sniper_exec.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1552
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c pause
  2⤵
  PID:948