d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7

Analysis

max time kernel
154s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
10/10/2023, 21:10

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe
Size

392KB
MD5

1dcca4fd91773d19e335adc19b1bc755
SHA1

0225b752dfcce51ba15fba99625937206fb30c7c
SHA256

d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7
SHA512

213bd124ec07130bfdd002ad5de658c20cc43a0e5df3fe6e4fd5bdcc95fc3012885609fdc788548ef98cb14b28ed32edc93a3ef2265b503630920f02144af6e4
SSDEEP

6144:xnh9A0rh+3HkmZMNaxFx/Zkddf6r9jUQj6vtgm2Ou2:xh9AA+3kAWaB6OpjF6vtg

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1500 set thread context of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107
PID 1500 wrote to memory of 992	1500	d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe	107

C:\Users\Admin\AppData\Local\Temp\d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe
"C:\Users\Admin\AppData\Local\Temp\d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:1500
- C:\Users\Admin\AppData\Local\Temp\d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe
  "C:\Users\Admin\AppData\Local\Temp\d2df5bae26f889ee542587acee436b65203f8d827f5aaaa0a285a0254f763bc7.exe"
  2⤵
  PID:992

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/992-8-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download
memory/992-11-0x00000000024D0000-0x0000000002536000-memory.dmp

Filesize
408KB

Download
memory/992-2-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download
memory/992-10-0x0000000002530000-0x0000000002540000-memory.dmp

Filesize
64KB

Download
memory/992-4-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download
memory/992-5-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download
memory/992-20-0x0000000002530000-0x0000000002540000-memory.dmp

Filesize
64KB

Download
memory/992-7-0x0000000074C20000-0x00000000753D0000-memory.dmp

Filesize
7.7MB

Download
memory/992-19-0x0000000002530000-0x0000000002540000-memory.dmp

Filesize
64KB

Download
memory/992-17-0x0000000002530000-0x0000000002540000-memory.dmp

Filesize
64KB

Download
memory/992-3-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download
memory/992-12-0x0000000002530000-0x0000000002540000-memory.dmp

Filesize
64KB

Download
memory/992-13-0x0000000074C20000-0x00000000753D0000-memory.dmp

Filesize
7.7MB

Download
memory/992-14-0x0000000004AD0000-0x0000000005074000-memory.dmp

Filesize
5.6MB

Download
memory/992-15-0x00000000050E0000-0x0000000005142000-memory.dmp

Filesize
392KB

Download
memory/992-16-0x0000000007610000-0x00000000076A2000-memory.dmp

Filesize
584KB

Download
memory/1500-0-0x00000000021C0000-0x00000000021FB000-memory.dmp

Filesize
236KB

Download
memory/1500-1-0x0000000000470000-0x00000000004C0000-memory.dmp

Filesize
320KB

Download
memory/1500-6-0x00000000021C0000-0x00000000021FB000-memory.dmp

Filesize
236KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads