7bf4209bd3d7973b5061883db3f5aaf286a61f630406680ec0aedca6e04bf175

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 08:00

Target

10954e6a842f7fc233d2e4c159dd9de8.exe
Size

59KB
MD5

10954e6a842f7fc233d2e4c159dd9de8
SHA1

e3a8016748932ebb8416ad562a763b2886f127d8
SHA256

7bf4209bd3d7973b5061883db3f5aaf286a61f630406680ec0aedca6e04bf175
SHA512

eab8a4d76f23a8a0a799f430e2211aa43ebf9a3f9e8cd710bf8e6d811086624ab61e43ca2ff98d59fcfac898c40e98a57a48e774b88e5c56270ebc2df6d26797
SSDEEP

1536:UrJFr8sK23DxXTV2AkMQ96UZzX/2DBmthpahU0+v:UrJesK2t8AkMQXZjABI4hU0+v

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2228 set thread context of 2100	2228	10954e6a842f7fc233d2e4c159dd9de8.exe	28

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2228 wrote to memory of 2100	2228	10954e6a842f7fc233d2e4c159dd9de8.exe	28
PID 2228 wrote to memory of 2100	2228	10954e6a842f7fc233d2e4c159dd9de8.exe	28
PID 2228 wrote to memory of 2100	2228	10954e6a842f7fc233d2e4c159dd9de8.exe	28
PID 2228 wrote to memory of 2100	2228	10954e6a842f7fc233d2e4c159dd9de8.exe	28
PID 2228 wrote to memory of 2100	2228	10954e6a842f7fc233d2e4c159dd9de8.exe	28
PID 2228 wrote to memory of 2100	2228	10954e6a842f7fc233d2e4c159dd9de8.exe	28

C:\Users\Admin\AppData\Local\Temp\10954e6a842f7fc233d2e4c159dd9de8.exe
"C:\Users\Admin\AppData\Local\Temp\10954e6a842f7fc233d2e4c159dd9de8.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2228
- C:\Users\Admin\AppData\Local\Temp\10954e6a842f7fc233d2e4c159dd9de8.exe
  C:\Users\Admin\AppData\Local\Temp\10954e6a842f7fc233d2e4c159dd9de8.exe
  2⤵
  PID:2100

memory/2100-2-0x0000000000400000-0x0000000000451000-memory.dmp

Filesize
324KB

Download
memory/2100-3-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2100-5-0x0000000000400000-0x0000000000451000-memory.dmp

Filesize
324KB

Download
memory/2100-7-0x0000000000400000-0x0000000000451000-memory.dmp

Filesize
324KB

Download
memory/2100-9-0x0000000000400000-0x0000000000451000-memory.dmp

Filesize
324KB

Download
memory/2100-10-0x0000000000400000-0x0000000000451000-memory.dmp

Filesize
324KB

Download
memory/2228-0-0x0000000010000000-0x0000000010018000-memory.dmp

Filesize
96KB

Download
memory/2228-1-0x0000000000020000-0x0000000000038000-memory.dmp

Filesize
96KB

Download
memory/2228-8-0x0000000010000000-0x0000000010018000-memory.dmp

Filesize
96KB

Download