04a4fc605489e892da1c504763c47fb0d2a0295908d24cef9e8a300566cb477c

Analysis

max time kernel
137s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 01:08

Target

480a453e52af110c81dbd405c6dfda93.exe
Size

294KB
MD5

480a453e52af110c81dbd405c6dfda93
SHA1

0a2e0527b21c592301b52950787ece7b3f8231a2
SHA256

04a4fc605489e892da1c504763c47fb0d2a0295908d24cef9e8a300566cb477c
SHA512

bddc5ee25df29c3a932134a7fc03509e00d6ee5ed5071b769bd941e9ca4d014db8c2a0e38fe30ffcd297e7f5aba8e6ff18d879aa9c5e89db184b7e73f6598ce1
SSDEEP

6144:JRs++PjbdqaEGqWn9K6pLP++eIBLX+FbuNZD/s+9tGTQ2jjcyN/4py4vwc:J8PjmC9bZ+/Ilbp/ztGTQ4j16vB

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4540 set thread context of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 4540 wrote to memory of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98
PID 4540 wrote to memory of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98
PID 4540 wrote to memory of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98
PID 4540 wrote to memory of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98
PID 4540 wrote to memory of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98
PID 4540 wrote to memory of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98
PID 4540 wrote to memory of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98
PID 4540 wrote to memory of 5084	4540	480a453e52af110c81dbd405c6dfda93.exe	98

C:\Users\Admin\AppData\Local\Temp\480a453e52af110c81dbd405c6dfda93.exe
"C:\Users\Admin\AppData\Local\Temp\480a453e52af110c81dbd405c6dfda93.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:4540
- C:\Users\Admin\AppData\Local\Temp\480a453e52af110c81dbd405c6dfda93.exe
  "C:\Users\Admin\AppData\Local\Temp\480a453e52af110c81dbd405c6dfda93.exe"
  2⤵
  PID:5084

memory/4540-0-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/4540-2-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/4540-5-0x0000000000400000-0x0000000000450000-memory.dmp

Filesize
320KB

Download
memory/5084-3-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/5084-6-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/5084-7-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/5084-8-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/5084-9-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download