036db747914ccb896aa34f6c58f9f7b2343fb031c2fef98558925526941ad74b

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
13/10/2023, 01:46

Target

SecuriteInfo.com.Win64.InjectorX-gen.23076.19470.exe
Size

2.0MB
MD5

b1c405577c64cb91aceae1beeec5a6cf
SHA1

ba1a03540f1cbe62ceb6523093a288682380d5ee
SHA256

036db747914ccb896aa34f6c58f9f7b2343fb031c2fef98558925526941ad74b
SHA512

cecfb576bf878d7ba27d64cda129894daa84bfce99dd30e66e77af877e64d24c6cf427b31f5e5196a6a6bf778a5b5ad38d7505034c9109b26283a49becc061d7
SSDEEP

6144:1A8BdXQQd50VIfoEWlvf4Dxqa0aeytsnHCH5:DXv1VWlX43tw

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1628 wrote to memory of 3000	1628	SecuriteInfo.com.Win64.InjectorX-gen.23076.19470.exe	29
PID 1628 wrote to memory of 3000	1628	SecuriteInfo.com.Win64.InjectorX-gen.23076.19470.exe	29
PID 1628 wrote to memory of 3000	1628	SecuriteInfo.com.Win64.InjectorX-gen.23076.19470.exe	29

C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win64.InjectorX-gen.23076.19470.exe
"C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win64.InjectorX-gen.23076.19470.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1628
- C:\Windows\system32\notepad.exe
  notepad.exe
  2⤵
  PID:3000