f15de9a03dd7060b13fe8b8358003c94c9c5acad951d6a2ea3011d36e073e9ee

Analysis

max time kernel
170s
max time network
236s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 13:15

Target

2100c9def827ed00f3187dde2a3e1919.exe
Size

264KB
MD5

2100c9def827ed00f3187dde2a3e1919
SHA1

65340894336c86f61d3e0f85af33d94c0c09ff6e
SHA256

f15de9a03dd7060b13fe8b8358003c94c9c5acad951d6a2ea3011d36e073e9ee
SHA512

d5e36553b2cbc6d81dace7559d4156794312958fbf62476b1b1e639205673fc2d4fd0c6859f6b7efdf0d7c3add4f416a7b0fe3bbdbca03a57656efaba702922c
SSDEEP

3072:tYC7sF+/kI7/xfGLTqGfX9NIhVrcS4YbsYkwVvQWjvOO4DaHGLcj2Bjp7AmkKrmB:uesyz9Gfqe9wVrgY4c5voDG817ADak

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 3008 set thread context of 4624	3008	2100c9def827ed00f3187dde2a3e1919.exe	91

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3008	2100c9def827ed00f3187dde2a3e1919.exe

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 3008 wrote to memory of 4624	3008	2100c9def827ed00f3187dde2a3e1919.exe	91
PID 3008 wrote to memory of 4624	3008	2100c9def827ed00f3187dde2a3e1919.exe	91
PID 3008 wrote to memory of 4624	3008	2100c9def827ed00f3187dde2a3e1919.exe	91
PID 3008 wrote to memory of 4624	3008	2100c9def827ed00f3187dde2a3e1919.exe	91
PID 3008 wrote to memory of 4624	3008	2100c9def827ed00f3187dde2a3e1919.exe	91
PID 3008 wrote to memory of 4624	3008	2100c9def827ed00f3187dde2a3e1919.exe	91
PID 3008 wrote to memory of 4624	3008	2100c9def827ed00f3187dde2a3e1919.exe	91
PID 4624 wrote to memory of 3424	4624	2100c9def827ed00f3187dde2a3e1919.exe	52
PID 4624 wrote to memory of 3424	4624	2100c9def827ed00f3187dde2a3e1919.exe	52
PID 4624 wrote to memory of 3424	4624	2100c9def827ed00f3187dde2a3e1919.exe	52
PID 4624 wrote to memory of 3424	4624	2100c9def827ed00f3187dde2a3e1919.exe	52

memory/3008-5-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3008-0-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3008-8-0x0000000000400000-0x00000000004B7000-memory.dmp

Filesize
732KB

Download
memory/3424-11-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3424-12-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

Filesize
4KB

Download
memory/4624-7-0x0000000000400000-0x0000000000408960-memory.dmp

Filesize
34KB

Download
memory/4624-9-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4624-10-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/4624-6-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4624-3-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4624-15-0x0000000000400000-0x0000000000408960-memory.dmp

Filesize
34KB

Download
memory/4624-16-0x0000000000410000-0x00000000004D9000-memory.dmp

Filesize
804KB

Download
memory/4624-18-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download