53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92

Resubmissions

24-06-2023 18:32

24-06-2023 18:23

max time kernel
93s
max time network
116s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
24-06-2023 18:23

Target

53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe
Size

3.9MB
MD5

0f960403760090619b597c4ffd500b66
SHA1

7b3fcd7f5e759d0cfb81ac6b8a4061e49a63596f
SHA256

53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92
SHA512

bdb2be2d0cbbd8d25e0041fd3f931b06bceb1f9801328d3f4c48a368517684c2d366925564bb1a8365b0677c8ffc55660a37d6816dddf735c0509bb0e6923d82
SSDEEP

49152:eC/pVUOajTbpPHiHvVEgHztu+thX44ifGJtSqeQLgza6BDm5TN+IMUu9+d1cL+N:xBuh18VzArOSqeDalc6dF

Score

7^/10

Loads dropped DLL 1 IoCs

Processes:

53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe

pid process

4716 53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe

pid	process
4716	53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe

description	pid	process	target process
PID 4716 wrote to memory of 4708	4716	53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe	cmd.exe
PID 4716 wrote to memory of 4708	4716	53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe	cmd.exe
PID 4716 wrote to memory of 4708	4716	53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe	cmd.exe

C:\Users\Admin\AppData\Local\Temp\53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe
"C:\Users\Admin\AppData\Local\Temp\53fff9337c461ac70fd7cf955e28ed5491d510c8c0751ffc5399a9afe5fb1c92.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:4716
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:4708

C:\Users\Admin\AppData\Local\Temp\E2EECore.2.7.2.dll

Filesize
8.4MB

MD5
8b6c94bbdbfb213e94a5dcb4fac28ce3

SHA1
b56102ca4f03556f387f8b30e2b404efabe0cb65

SHA256
982a177924762f270b36fe34c7d6847392b48ae53151dc2011078dceef487a53

SHA512
9d6d63b5d8cf7a978d7e91126d7a343c2f7acd00022da9d692f63e50835fdd84a59a93328564f10622f2b1f6adfd7febdd98b8ddb294d0754ed45cc9c165d25a

Download Submit
memory/4716-140-0x0000000002A30000-0x0000000002A31000-memory.dmp

Filesize
4KB

Download
memory/4716-141-0x0000000010000000-0x0000000010059000-memory.dmp

Filesize
356KB

Download
memory/4716-143-0x0000000002A20000-0x0000000002A21000-memory.dmp

Filesize
4KB

Download
memory/4716-142-0x00000000029C0000-0x0000000002A19000-memory.dmp

Filesize
356KB

Download
memory/4716-144-0x0000000002A50000-0x0000000002A51000-memory.dmp

Filesize
4KB

Download
memory/4716-145-0x0000000002A40000-0x0000000002A41000-memory.dmp

Filesize
4KB

Download
memory/4716-157-0x0000000003480000-0x0000000003481000-memory.dmp

Filesize
4KB

Download
memory/4716-156-0x0000000003490000-0x0000000003491000-memory.dmp

Filesize
4KB

Download