3cfbfb0aea309f3883b7656b639542aff9be5942eac4b67a11fd74160d075e50

Analysis

max time kernel
149s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
25/12/2023, 17:09

Target

2fc60cfc3fa0045269991477ad0ef561.exe
Size

305KB
MD5

2fc60cfc3fa0045269991477ad0ef561
SHA1

5e182307cd2a4f802a7c6eaba0c4d15f36cf0b0c
SHA256

3cfbfb0aea309f3883b7656b639542aff9be5942eac4b67a11fd74160d075e50
SHA512

46d994d87e8304070196cd8277d3c929fc7a73df458821e111f5e955db5dcdfe3245d4aa22569b51cea20cb31110ea26d3f0db9a3317efbf6ab12117996d5167
SSDEEP

6144:cPPTbSO7/XrN1ZsT5KkmtuYA3I9eXK2msu:cPx/rddwt3kfZ

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
1048	2fc60cfc3fa0045269991477ad0ef561.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 1048 wrote to memory of 4328	1048	2fc60cfc3fa0045269991477ad0ef561.exe	18
PID 1048 wrote to memory of 4328	1048	2fc60cfc3fa0045269991477ad0ef561.exe	18
PID 1048 wrote to memory of 4328	1048	2fc60cfc3fa0045269991477ad0ef561.exe	18
PID 1048 wrote to memory of 4328	1048	2fc60cfc3fa0045269991477ad0ef561.exe	18
PID 1048 wrote to memory of 4328	1048	2fc60cfc3fa0045269991477ad0ef561.exe	18
PID 1048 wrote to memory of 4328	1048	2fc60cfc3fa0045269991477ad0ef561.exe	18

memory/1048-2-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/1048-3-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/1048-1-0x00000000001C0000-0x00000000001C2000-memory.dmp

Filesize
8KB

Download
memory/1048-0-0x0000000000400000-0x000000000044E000-memory.dmp

Filesize
312KB

Download
memory/4328-5-0x00000000008D0000-0x00000000008D9000-memory.dmp

Filesize
36KB

Download
memory/4328-4-0x00000000009C0000-0x00000000009CE000-memory.dmp

Filesize
56KB

Download
memory/4328-8-0x00000000008D0000-0x00000000008D9000-memory.dmp

Filesize
36KB

Download