583623a3c1654883d410d895b7402abca7e3022dcb8021ce35de9e7e6a261b13

Analysis

max time kernel
157s
max time network
226s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
19/12/2023, 13:00

Target

Results.exe
Size

1024.0MB
MD5

0680363ffc8571b32c1329d4ac92c843
SHA1

a4570b8ad35430f6addbd8ed2eb202066b3b8cd3
SHA256

353ccf00bdf42c770261812548569b1b2caf6848ea6d977f82b605382ce51933
SHA512

25476d0b2a5fa042cc8c5acb83168974612f4d6d4f231d6a85c60bb984bc873e8bacbe7a12e193b4c591c3dbd1c613a37f24690413bd48f6bb9c6fbf3920f706
SSDEEP

6144:FecyA7cR+ZjD7fAO1Rja++8O47jUFbX2CV20mPAJswiP7LbvTigo6PyZci2mE:Fec57KEfLlPjCXrU0U7DDoGyZci

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4428 set thread context of 4004	4428	Results.exe	89

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 4428 wrote to memory of 628	4428	Results.exe	88
PID 4428 wrote to memory of 628	4428	Results.exe	88
PID 4428 wrote to memory of 628	4428	Results.exe	88
PID 4428 wrote to memory of 4004	4428	Results.exe	89
PID 4428 wrote to memory of 4004	4428	Results.exe	89
PID 4428 wrote to memory of 4004	4428	Results.exe	89
PID 4428 wrote to memory of 4004	4428	Results.exe	89
PID 4428 wrote to memory of 4004	4428	Results.exe	89
PID 4428 wrote to memory of 4004	4428	Results.exe	89
PID 4428 wrote to memory of 4004	4428	Results.exe	89
PID 4428 wrote to memory of 4004	4428	Results.exe	89

C:\Users\Admin\AppData\Local\Temp\Results.exe
"C:\Users\Admin\AppData\Local\Temp\Results.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:4428
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
  2⤵
  PID:628
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
  2⤵
  PID:4004

memory/4004-0-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/4004-1-0x00000000752E0000-0x0000000075A90000-memory.dmp

Filesize
7.7MB

Download
memory/4004-2-0x0000000008150000-0x00000000086F4000-memory.dmp

Filesize
5.6MB

Download
memory/4004-3-0x0000000007C50000-0x0000000007CE2000-memory.dmp

Filesize
584KB

Download
memory/4004-4-0x0000000007E60000-0x0000000007E70000-memory.dmp

Filesize
64KB

Download
memory/4004-5-0x0000000007E50000-0x0000000007E5A000-memory.dmp

Filesize
40KB

Download
memory/4004-6-0x0000000008D20000-0x0000000009338000-memory.dmp

Filesize
6.1MB

Download
memory/4004-7-0x0000000007F20000-0x0000000007F32000-memory.dmp

Filesize
72KB

Download
memory/4004-8-0x0000000008700000-0x000000000880A000-memory.dmp

Filesize
1.0MB

Download
memory/4004-9-0x0000000007F80000-0x0000000007FBC000-memory.dmp

Filesize
240KB

Download
memory/4004-10-0x0000000007FE0000-0x000000000802C000-memory.dmp

Filesize
304KB

Download
memory/4004-11-0x00000000752E0000-0x0000000075A90000-memory.dmp

Filesize
7.7MB

Download
memory/4004-12-0x0000000007E60000-0x0000000007E70000-memory.dmp

Filesize
64KB

Download