5aa9d6177065483815bdfbb4bd52521f6382491b0eddf4a43f1cce697b58748d

Analysis

max time kernel
147s
max time network
123s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
24-12-2023 18:40

Target

0c9ab33a0888dfd6de4ec6ae3f89e45a.exe
Size

77KB
MD5

0c9ab33a0888dfd6de4ec6ae3f89e45a
SHA1

2ea5f2f3cc1d96b6c9aae962557ded76e932b0e2
SHA256

5aa9d6177065483815bdfbb4bd52521f6382491b0eddf4a43f1cce697b58748d
SHA512

d94c373a1f2ef0b9140b25f7f8144ca4facd724174809f39fa66ced0adf0f8140eba55c0cf5b2d45f53d4750666255afdabac52520623f1a8426e53a38dc6114
SSDEEP

1536:OLhb4Pt1i3wHYkNV8vZ0qR/bt8bVa6AIrk11Wjj420yaz4SPJIZMaUuKoct:OLmPEI5gZ00/btAVabsk11Qi4S5uvC

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
3020	0c9ab33a0888dfd6de4ec6ae3f89e45a.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 3020 wrote to memory of 2920	3020	0c9ab33a0888dfd6de4ec6ae3f89e45a.exe	13
PID 3020 wrote to memory of 2920	3020	0c9ab33a0888dfd6de4ec6ae3f89e45a.exe	13
PID 3020 wrote to memory of 2920	3020	0c9ab33a0888dfd6de4ec6ae3f89e45a.exe	13
PID 3020 wrote to memory of 2920	3020	0c9ab33a0888dfd6de4ec6ae3f89e45a.exe	13
PID 3020 wrote to memory of 2920	3020	0c9ab33a0888dfd6de4ec6ae3f89e45a.exe	13
PID 3020 wrote to memory of 2920	3020	0c9ab33a0888dfd6de4ec6ae3f89e45a.exe	13
PID 3020 wrote to memory of 2920	3020	0c9ab33a0888dfd6de4ec6ae3f89e45a.exe	13

memory/2920-10-0x0000000000630000-0x0000000000638000-memory.dmp

Filesize
32KB

Download
memory/2920-8-0x0000000000080000-0x0000000000089000-memory.dmp

Filesize
36KB

Download
memory/2920-6-0x0000000000080000-0x0000000000089000-memory.dmp

Filesize
36KB

Download
memory/2920-5-0x0000000000080000-0x0000000000089000-memory.dmp

Filesize
36KB

Download
memory/2920-13-0x0000000000080000-0x0000000000089000-memory.dmp

Filesize
36KB

Download
memory/3020-0-0x0000000000400000-0x000000000040F000-memory.dmp

Filesize
60KB

Download
memory/3020-1-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/3020-2-0x0000000000230000-0x0000000000242000-memory.dmp

Filesize
72KB

Download
memory/3020-7-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/3020-9-0x0000000000400000-0x000000000040F000-memory.dmp

Filesize
60KB

Download
memory/3020-4-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download