7f66ff3584b1ba8000dbd5d48a75b979ea5307ad01571709aa84dfc917651ec0

Analysis

max time kernel
117s
max time network
120s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
21/10/2023, 21:19

Target

NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe
Size

189KB
MD5

517817eb5eedaa18bdec769e7ce1fdf0
SHA1

53de132964d2753cbb2a0b5d9f60893319b203f2
SHA256

7f66ff3584b1ba8000dbd5d48a75b979ea5307ad01571709aa84dfc917651ec0
SHA512

96845de4ab8cb5ceae2f4b3fc006b7c3c3a433b4cbcf1beac5bd2bf23b5fdedb37cfb7398aba25044a05f68e2db99763b62ba0e0da7b0335f79f49182479e5f3
SSDEEP

3072:j/Aq24TVSzXHj+iImrB+KltKQo+PHWHvrEpzibBJieVGEKB3zIJ6Dps:jZ24TVSLDQsEKeQr2HvryzkUeVGJc0K

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2204 set thread context of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28
PID 2204 wrote to memory of 2300	2204	NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe	28

C:\Users\Admin\AppData\Local\Temp\NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.517817eb5eedaa18bdec769e7ce1fdf0.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2204
- \??\c:\users\admin\appdata\local\temp\neas.517817eb5eedaa18bdec769e7ce1fdf0.exe
  "c:\users\admin\appdata\local\temp\neas.517817eb5eedaa18bdec769e7ce1fdf0.exe"
  2⤵
  PID:2300

memory/2300-0-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2300-2-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2300-4-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2300-5-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2300-6-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2300-8-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2300-10-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2300-11-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2300-12-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download