690e898fd01b69ac3eea36ac0bde48295eeb37b85a76ab96368b02dd7ee51615

Analysis

max time kernel
150s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
27-09-2023 04:49

Target

eee.exe
Size

3.3MB
MD5

0f188231c29fba40e8b3e76792464cff
SHA1

e231f8e1060915dcb83fcf383ce0c80dbb94b2ea
SHA256

690e898fd01b69ac3eea36ac0bde48295eeb37b85a76ab96368b02dd7ee51615
SHA512

2d430c8bc5d5473bcc41e22bff252f1c09e632a4baaa5da4ac011ba13bf102ccc7a80541293a965a6ff80ca47b3d4271fd1e35c878a2b4ff0123af172f16f803
SSDEEP

98304:sqNAQ6FGtvX6KN5hBAud6kDjGpUefle0GzDKKD:sqN5u06KN5hZnse0GzJ

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1788 set thread context of 2688	1788	eee.exe	88

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1788	eee.exe
2688	cmd.exe

Suspicious behavior: MapViewOfSection 2 IoCs

pid	Process
1788	eee.exe
2688	cmd.exe

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 1788 wrote to memory of 2688	1788	eee.exe	88
PID 1788 wrote to memory of 2688	1788	eee.exe	88
PID 1788 wrote to memory of 2688	1788	eee.exe	88
PID 1788 wrote to memory of 2688	1788	eee.exe	88
PID 2688 wrote to memory of 1972	2688	cmd.exe	100
PID 2688 wrote to memory of 1972	2688	cmd.exe	100
PID 2688 wrote to memory of 1972	2688	cmd.exe	100
PID 2688 wrote to memory of 1972	2688	cmd.exe	100
PID 2688 wrote to memory of 1972	2688	cmd.exe	100

C:\Users\Admin\AppData\Local\Temp\2462f726

Filesize
1.0MB

MD5
53a178af0c2233171e4f5ed3b395c73b

SHA1
cf1c578749120d3fa03135a639e2a86788181ef0

SHA256
24a5c7d4ddbdfbd6e1bc70fd15dde1bb71378f5169c39b1c5347c85218beb15b

SHA512
525af32a4ec2c107dcf93c3ed651ac001d7509c7c70347664aa5896edebfc970a3abfc9c85c3a7191ad2b43e50f05669407e72525b01ca6bc9878c066fd86eaf

Download Submit
memory/1788-0-0x0000000000400000-0x000000000075D000-memory.dmp

Filesize
3.4MB

Download
memory/1788-2-0x0000000076260000-0x000000007631F000-memory.dmp

Filesize
764KB

Download
memory/1788-3-0x0000000076260000-0x000000007631F000-memory.dmp

Filesize
764KB

Download
memory/1788-4-0x0000000076260000-0x000000007631F000-memory.dmp

Filesize
764KB

Download
memory/1972-13-0x0000000000490000-0x000000000050A000-memory.dmp

Filesize
488KB

Download
memory/1972-12-0x00007FF9C7B30000-0x00007FF9C7D25000-memory.dmp

Filesize
2.0MB

Download
memory/1972-16-0x0000000000A70000-0x0000000000EA3000-memory.dmp

Filesize
4.2MB

Download
memory/1972-17-0x0000000000490000-0x000000000050A000-memory.dmp

Filesize
488KB

Download
memory/1972-18-0x0000000000490000-0x000000000050A000-memory.dmp

Filesize
488KB

Download
memory/2688-9-0x00000000011E0000-0x000000000129F000-memory.dmp

Filesize
764KB

Download
memory/2688-10-0x00000000011E0000-0x000000000129F000-memory.dmp

Filesize
764KB

Download
memory/2688-7-0x00007FF9C7B30000-0x00007FF9C7D25000-memory.dmp

Filesize
2.0MB

Download