dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140

Analysis

max time kernel
142s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
14-11-2023 10:42

Target

NEAS.dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140.exe
Size

367KB
MD5

4557b75c3f8dfc2a31ff0e8e56792653
SHA1

d348497a1ae8614d46a8ba43b18bb2c7f46d7fbb
SHA256

dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140
SHA512

4cc0742447325f33b35ec61cb572b88ec6eaa35ce2bf36f1fa7f9a69f25da6992c50363169100413e2a72b5289445ddc5628d5abb9f1f6ac077825a275e5622a
SSDEEP

6144:yAY8QgjLbG3BjVEOFOtw5e3mJG8kJeAfMJgwCRM8Xaqegmc8KCx74L:Bs3wy5e3hWJgw8M8X0xc8KykL

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

NEAS.dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140.exe

description	pid	process	target process
PID 2356 wrote to memory of 4816	2356	NEAS.dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140.exe	RegAsm.exe
PID 2356 wrote to memory of 4816	2356	NEAS.dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140.exe	RegAsm.exe
PID 2356 wrote to memory of 4816	2356	NEAS.dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140.exe	RegAsm.exe

C:\Users\Admin\AppData\Local\Temp\NEAS.dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140.exe
"C:\Users\Admin\AppData\Local\Temp\NEAS.dfd104aa405fc9d466c75c97ea643a608b2faabc6a8234417126ca1ab05d0140.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2356

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
2⤵
PID:4816

memory/2356-0-0x0000000074C30000-0x00000000753E0000-memory.dmp

Filesize
7.7MB

Download
memory/2356-1-0x0000000000060000-0x00000000000C2000-memory.dmp

Filesize
392KB

Download
memory/2356-2-0x0000000005020000-0x00000000055C4000-memory.dmp

Filesize
5.6MB

Download
memory/2356-3-0x0000000004B10000-0x0000000004BA2000-memory.dmp

Filesize
584KB

Download
memory/2356-4-0x0000000004BB0000-0x0000000004C04000-memory.dmp

Filesize
336KB

Download
memory/2356-5-0x0000000074C30000-0x00000000753E0000-memory.dmp

Filesize
7.7MB

Download
memory/2356-6-0x0000000004D10000-0x0000000004D20000-memory.dmp

Filesize
64KB

Download
memory/2356-7-0x00000000055D0000-0x000000000566C000-memory.dmp

Filesize
624KB

Download
memory/2356-10-0x0000000074C30000-0x00000000753E0000-memory.dmp

Filesize
7.7MB

Download
memory/2356-8-0x0000000004AF0000-0x0000000004AFA000-memory.dmp

Filesize
40KB

Download