45c94e2aeecb18722af875f9af40c97ad1e85065c6389b3b3084216022b8ae26

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-12-2023 15:31

Target

298481771c1a80b4ca7c76ee88a019d1.exe
Size

212KB
MD5

298481771c1a80b4ca7c76ee88a019d1
SHA1

0dd51347fa1fdf209af04bcbdf2d8bd98bb3128c
SHA256

45c94e2aeecb18722af875f9af40c97ad1e85065c6389b3b3084216022b8ae26
SHA512

5f68abad093f7adcde3592da72cd326cc8beafa669d4333271911a351f35c058bded4d4b4fc1b082304f7764db22605924b68575a657629649e8d15361043b33
SSDEEP

3072:5pPJhXGWGPp+iDrUGVlspIq+rCjeWod4RCAea9Pzrc77OWw8x8cehKR3ZNr:LxoWGPpjVC2q+dGMCc769/cAGP

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2360 set thread context of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.key	298481771c1a80b4ca7c76ee88a019d1.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.key\ = "regfile"	298481771c1a80b4ca7c76ee88a019d1.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2412	298481771c1a80b4ca7c76ee88a019d1.exe
2412	298481771c1a80b4ca7c76ee88a019d1.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2360	298481771c1a80b4ca7c76ee88a019d1.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28
PID 2360 wrote to memory of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28
PID 2360 wrote to memory of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28
PID 2360 wrote to memory of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28
PID 2360 wrote to memory of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28
PID 2360 wrote to memory of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28
PID 2360 wrote to memory of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28
PID 2360 wrote to memory of 2412	2360	298481771c1a80b4ca7c76ee88a019d1.exe	28
PID 2412 wrote to memory of 1196	2412	298481771c1a80b4ca7c76ee88a019d1.exe	21
PID 2412 wrote to memory of 1196	2412	298481771c1a80b4ca7c76ee88a019d1.exe	21
PID 2412 wrote to memory of 1196	2412	298481771c1a80b4ca7c76ee88a019d1.exe	21
PID 2412 wrote to memory of 1196	2412	298481771c1a80b4ca7c76ee88a019d1.exe	21

memory/1196-10-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/1196-13-0x000000007EFD0000-0x000000007EFD1000-memory.dmp

Filesize
4KB

Download
memory/2360-6-0x0000000000400000-0x0000000000461000-memory.dmp

Filesize
388KB

Download
memory/2412-2-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2412-4-0x0000000000400000-0x00000000004083A0-memory.dmp

Filesize
32KB

Download
memory/2412-5-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2412-7-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2412-8-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/2412-23-0x0000000000400000-0x00000000004083A0-memory.dmp

Filesize
32KB

Download
memory/2412-24-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download