bebc0029d94116ae2f1d7ae6ce0f91376a188a90e0da62cc53030c831cfc0d45

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20231025-en
resource tags

arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
submitted
27-10-2023 09:45

Target

URGENT RFQ! RFP82810.exe
Size

329KB
MD5

42df97789a51cb7ba473e6f447e83989
SHA1

400e3f2bc880dd690e4dcbfd8024995e83347d9d
SHA256

73dc704c3a82e161c621cdbd9164c9ee86ccb8b7fa0dcfc8f03ce40335c8604e
SHA512

0b3b26bb8d131fc506d9e3be57b1ef7d9c51f46a7dc9529bc4657a90767e09997e5675c91a2e83772ab4602b2c923d840ff5c708a831c24cf38b570eec6c023d
SSDEEP

6144:/CKQBMNitGsC/UJiQ2+423iCn3XgIqFsPe35bgaGPEQD:/fQ67sCYiX23PXbqL35bgaGf

Score

1^/10

Suspicious use of WriteProcessMemory 7 IoCs

Processes:

URGENT RFQ! RFP82810.exe

description	pid	process	target process
PID 2332 wrote to memory of 2068	2332	URGENT RFQ! RFP82810.exe	RegAsm.exe
PID 2332 wrote to memory of 2068	2332	URGENT RFQ! RFP82810.exe	RegAsm.exe
PID 2332 wrote to memory of 2068	2332	URGENT RFQ! RFP82810.exe	RegAsm.exe
PID 2332 wrote to memory of 2068	2332	URGENT RFQ! RFP82810.exe	RegAsm.exe
PID 2332 wrote to memory of 2068	2332	URGENT RFQ! RFP82810.exe	RegAsm.exe
PID 2332 wrote to memory of 2068	2332	URGENT RFQ! RFP82810.exe	RegAsm.exe
PID 2332 wrote to memory of 2068	2332	URGENT RFQ! RFP82810.exe	RegAsm.exe

C:\Users\Admin\AppData\Local\Temp\URGENT RFQ! RFP82810.exe
"C:\Users\Admin\AppData\Local\Temp\URGENT RFQ! RFP82810.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2332

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
2⤵
PID:2068

memory/2332-0-0x00000000008E0000-0x0000000000938000-memory.dmp

Filesize
352KB

Download
memory/2332-1-0x0000000074890000-0x0000000074F7E000-memory.dmp

Filesize
6.9MB

Download
memory/2332-2-0x0000000000440000-0x0000000000494000-memory.dmp

Filesize
336KB

Download
memory/2332-3-0x0000000074890000-0x0000000074F7E000-memory.dmp

Filesize
6.9MB

Download
memory/2332-4-0x0000000000870000-0x00000000008B0000-memory.dmp

Filesize
256KB

Download
memory/2332-5-0x00000000002A0000-0x00000000002AA000-memory.dmp

Filesize
40KB

Download
memory/2332-6-0x0000000074890000-0x0000000074F7E000-memory.dmp

Filesize
6.9MB

Download