583623a3c1654883d410d895b7402abca7e3022dcb8021ce35de9e7e6a261b13

Analysis

max time kernel
135s
max time network
153s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
19/12/2023, 13:00

Target

Results.exe
Size

1024.0MB
MD5

0680363ffc8571b32c1329d4ac92c843
SHA1

a4570b8ad35430f6addbd8ed2eb202066b3b8cd3
SHA256

353ccf00bdf42c770261812548569b1b2caf6848ea6d977f82b605382ce51933
SHA512

25476d0b2a5fa042cc8c5acb83168974612f4d6d4f231d6a85c60bb984bc873e8bacbe7a12e193b4c591c3dbd1c613a37f24690413bd48f6bb9c6fbf3920f706
SSDEEP

6144:FecyA7cR+ZjD7fAO1Rja++8O47jUFbX2CV20mPAJswiP7LbvTigo6PyZci2mE:Fec57KEfLlPjCXrU0U7DDoGyZci

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2212 set thread context of 1740	2212	Results.exe	28

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28
PID 2212 wrote to memory of 1740	2212	Results.exe	28

C:\Users\Admin\AppData\Local\Temp\Results.exe
"C:\Users\Admin\AppData\Local\Temp\Results.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2212
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
  2⤵
  PID:1740

memory/1740-0-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/1740-1-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/1740-2-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/1740-3-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/1740-4-0x00000000FFFDE000-0x00000000FFFDF000-memory.dmp

Filesize
4KB

Download
memory/1740-5-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/1740-7-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/1740-9-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/1740-10-0x0000000074690000-0x0000000074D7E000-memory.dmp

Filesize
6.9MB

Download
memory/1740-11-0x00000000073B0000-0x00000000073F0000-memory.dmp

Filesize
256KB

Download
memory/1740-12-0x0000000074690000-0x0000000074D7E000-memory.dmp

Filesize
6.9MB

Download
memory/1740-13-0x00000000073B0000-0x00000000073F0000-memory.dmp

Filesize
256KB

Download