41127a0dd4f3be76754f36402f6a1cf140927a76b1ab17e4fae8316667732325

Analysis

max time kernel
117s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12-10-2023 13:41

Target

file.exe
Size

393KB
MD5

d03b39bc2512a092c5ff2bd62a847642
SHA1

57a32cff3fbf99a0849ce5933d813a14a020ec15
SHA256

41127a0dd4f3be76754f36402f6a1cf140927a76b1ab17e4fae8316667732325
SHA512

852c83f3c33a55c63fb4ccdf99b7c2fa96b795c39c12bf842381276946766083145d9c6e504ac95fc03a38d71ff30ee07e6ff04ac532eb0ecda2d560afd5ccf3
SSDEEP

6144:Zi+jE42jicP5iOo2T8VrSd/sUAOTklI0mPM/yTjKYcvsKEUE0JGts91Sa:Zi+xqiG59ouFk2LUaTjL5K8oG41Sa

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4456 set thread context of 4448	4456	file.exe	84

Suspicious use of WriteProcessMemory 10 IoCs

description	pid	Process	procid_target
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84
PID 4456 wrote to memory of 4448	4456	file.exe	84

C:\Users\Admin\AppData\Local\Temp\file.exe
"C:\Users\Admin\AppData\Local\Temp\file.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:4456
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
  2⤵
  PID:4448

memory/4448-0-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/4448-1-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/4448-2-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/4448-3-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/4448-4-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download