077389d4c093cfad7cdf4f19f2f2fc308e686f8ba475f4bf8c76d5a00d310cab

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
19/12/2023, 13:57

Target

3b39a7b8427098ddf91ba0842e6621f0.exe
Size

192KB
MD5

3b39a7b8427098ddf91ba0842e6621f0
SHA1

513930dbe283500b64b2cffe64703a187cbecb9d
SHA256

077389d4c093cfad7cdf4f19f2f2fc308e686f8ba475f4bf8c76d5a00d310cab
SHA512

1a1c6df3b1a7c20248d63f190f71d8f1bdfe5d92fd6cd02a45b84bd3e209fa888bd6ac4fffbe9b8241d8e0c089be711aba4bd802c2d7b68544c3e8b20c5ded79
SSDEEP

3072:+f82oLbwePAUkbC0xdvlq38bj23uE1s5TPNFx74WL/2lVvM0:+f1oRYjbddNq38dxJr2lVvM

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2836	Unicorn-61835.exe

Loads dropped DLL 7 IoCs

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2676	2836	WerFault.exe	28

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1972	3b39a7b8427098ddf91ba0842e6621f0.exe
2836	Unicorn-61835.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 1972 wrote to memory of 2836	1972	3b39a7b8427098ddf91ba0842e6621f0.exe	28
PID 1972 wrote to memory of 2836	1972	3b39a7b8427098ddf91ba0842e6621f0.exe	28
PID 1972 wrote to memory of 2836	1972	3b39a7b8427098ddf91ba0842e6621f0.exe	28
PID 1972 wrote to memory of 2836	1972	3b39a7b8427098ddf91ba0842e6621f0.exe	28
PID 2836 wrote to memory of 2676	2836	Unicorn-61835.exe	29
PID 2836 wrote to memory of 2676	2836	Unicorn-61835.exe	29
PID 2836 wrote to memory of 2676	2836	Unicorn-61835.exe	29
PID 2836 wrote to memory of 2676	2836	Unicorn-61835.exe	29

\Users\Admin\AppData\Local\Temp\Unicorn-61835.exe

Filesize
192KB

MD5
6eeaf9ea50a4f7a3262aea23427d4eea

SHA1
00cd4a838e2d5ba2e93bc72126a81baecd94811b

SHA256
c1e39cec8f2ad19231302ef871d985b9a729c80291f33eb84e63f0fd086dbcaf

SHA512
2e609a364f6bb98cce54a822daf1632d1267f3f2dad8000ff5f821d29868dbd379453cea302b5a211ebee4e020f34321d7b92cd3e5bff6b27ae1fb5be4a77b96

Download Submit