6b1925a4e46c0ee657567aac483e6193bf1b7a64bde80a853e5af606087baf70

Analysis

max time kernel
122s
max time network
153s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 04:55

Target

065cb3f73eced424e2fb65ddf27d8f6c.exe
Size

482KB
MD5

065cb3f73eced424e2fb65ddf27d8f6c
SHA1

f9f107e2a85b022137a47086f1281b74609cfbc2
SHA256

6b1925a4e46c0ee657567aac483e6193bf1b7a64bde80a853e5af606087baf70
SHA512

18204253e6c8eb1298e6328f39ff2b13c0ed3f5187e7760542acf42c03dee46bbe29c9aa6d64645fdf730f6381b5e6153a6e73acb681abe279f79592c522f072
SSDEEP

12288:nTVv/uRJTCYuDWv+21xJAwAZ35xaGFujjnt59KwfUCr9W+qP9zuMRwNFoTl:nT1uTTCJDwZ+SbHnt59Kwfhr9czXwNF8

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2944	@B8C4.tmp

Loads dropped DLL 2 IoCs

pid	Process
2104	065cb3f73eced424e2fb65ddf27d8f6c.exe
2104	065cb3f73eced424e2fb65ddf27d8f6c.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2104 wrote to memory of 2944	2104	065cb3f73eced424e2fb65ddf27d8f6c.exe	28
PID 2104 wrote to memory of 2944	2104	065cb3f73eced424e2fb65ddf27d8f6c.exe	28
PID 2104 wrote to memory of 2944	2104	065cb3f73eced424e2fb65ddf27d8f6c.exe	28
PID 2104 wrote to memory of 2944	2104	065cb3f73eced424e2fb65ddf27d8f6c.exe	28

C:\Users\Admin\AppData\Local\Temp\065cb3f73eced424e2fb65ddf27d8f6c.exe
"C:\Users\Admin\AppData\Local\Temp\065cb3f73eced424e2fb65ddf27d8f6c.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2104
- C:\Users\Admin\AppData\Local\Temp\@B8C4.tmp
  "C:\Users\Admin\AppData\Local\Temp\@B8C4.tmp" "C:\Users\Admin\AppData\Local\Temp\065cb3f73eced424e2fb65ddf27d8f6c.exe"
  2⤵
  - Executes dropped EXE
  PID:2944

\Users\Admin\AppData\Local\Temp\@B8C4.tmp

Filesize
80KB

MD5
bd9dbc2637ff5b3a16bf55aada67abce

SHA1
bd93f5537871e47163e963051653b6fe6df1a5b7

SHA256
cd37c099746575e6929c15416bf4be16337e4d3f3f4cf305bd7d204f5834f9b5

SHA512
56967a039cdb10ed14b44ee140d540ec7a3641e2646517300d279f04c8f179988f81fb8faaff781d9ebe9261f693e8e9a7426576dc8eaf450c68415d05466a2d

Download Submit