ff2c12f20f6cf7de894b215124226bf0e9196af577d4ac371196ed25f46e988a

Analysis

max time kernel
144s
max time network
106s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 05:57

Target

09c5572a4d5eac974a1ca5e21a72294b.exe
Size

27KB
MD5

09c5572a4d5eac974a1ca5e21a72294b
SHA1

d6a1015e8243e8cefa7fee1fcda771cb1ff3d96d
SHA256

ff2c12f20f6cf7de894b215124226bf0e9196af577d4ac371196ed25f46e988a
SHA512

1cc6f68b7389b385c68a14b7825d7d5431e9acfb02b14ecc9521c8428270f75241a02b33f7c7f08ac5e1568324050c03b31f3bd3f89f71c3a1ef197621fd9675
SSDEEP

384:3n/VsAp+qD3ikQ9OavrQcsqCj0Shw2NQVm2fwH3IrE4vQzmeixNkVdfx:3tVD31Q9OavrXsF0yWk4Q4ozJijWfx

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1900 set thread context of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1900	09c5572a4d5eac974a1ca5e21a72294b.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 1900 wrote to memory of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29
PID 1900 wrote to memory of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29
PID 1900 wrote to memory of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29
PID 1900 wrote to memory of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29
PID 1900 wrote to memory of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29
PID 1900 wrote to memory of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29
PID 1900 wrote to memory of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29
PID 1900 wrote to memory of 4560	1900	09c5572a4d5eac974a1ca5e21a72294b.exe	29

C:\Users\Admin\AppData\Local\Temp\09c5572a4d5eac974a1ca5e21a72294b.exe
"C:\Users\Admin\AppData\Local\Temp\09c5572a4d5eac974a1ca5e21a72294b.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1900
- C:\Users\Admin\AppData\Local\Temp\09c5572a4d5eac974a1ca5e21a72294b.exe
  C:\Users\Admin\AppData\Local\Temp\09c5572a4d5eac974a1ca5e21a72294b.exe
  2⤵
  PID:4560

memory/4560-4-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/4560-5-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/4560-2-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/4560-6-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download