6180464e51e0746cd11f378a3a58b89ca1037723e4675e0401a40eebc1081f25

Analysis

max time kernel
122s
max time network
142s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 18:09

Target

3360ac2ba04baf232e90579576c516ca.exe
Size

175KB
MD5

3360ac2ba04baf232e90579576c516ca
SHA1

4ce5db98d6ddb78c521d37afe268550b433d4470
SHA256

6180464e51e0746cd11f378a3a58b89ca1037723e4675e0401a40eebc1081f25
SHA512

775a36b86616a4263caa6a70a5be9cf78660ddaddfc777bf06f21e20c3c90bc29e69f3c411d3868c8b80d818601e6ec6f3f3030a9455fc1adef2ee9cafb9882e
SSDEEP

3072:QHrxrhgLydo1Ni+VyeZFxLR6CVd5WV+uiGIrF3MsSxWTL80:KtCGypFxRTD5WIxGmF8NA/

Score

1^/10

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2624	3360ac2ba04baf232e90579576c516ca.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2624	3360ac2ba04baf232e90579576c516ca.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 2624 wrote to memory of 1244	2624	3360ac2ba04baf232e90579576c516ca.exe	11
PID 2624 wrote to memory of 1244	2624	3360ac2ba04baf232e90579576c516ca.exe	11
PID 2624 wrote to memory of 1244	2624	3360ac2ba04baf232e90579576c516ca.exe	11
PID 2624 wrote to memory of 1244	2624	3360ac2ba04baf232e90579576c516ca.exe	11
PID 2624 wrote to memory of 1244	2624	3360ac2ba04baf232e90579576c516ca.exe	11

memory/2624-0-0x0000000000400000-0x0000000000438000-memory.dmp

Filesize
224KB

Download
memory/2624-1-0x0000000017180000-0x00000000171A3000-memory.dmp

Filesize
140KB

Download
memory/2624-2-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2624-3-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download