f0263faeb0edbad7ec3340b9b069d1793f36173c8d4fb080a0ad1838029258a4

Analysis

max time kernel
139s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 02:34

Target

4cf3d90f0cc15ef7005701c59bf8a21d.exe
Size

141KB
MD5

4cf3d90f0cc15ef7005701c59bf8a21d
SHA1

69554d6714f939f5dfcaa6e82f31c4af1cf7b748
SHA256

f0263faeb0edbad7ec3340b9b069d1793f36173c8d4fb080a0ad1838029258a4
SHA512

329a42206fbac45bf1da2450827e1a62c1788fd52eeb1c802a440d8084ccaa32d1a89f875fbe24cd274d3fd433e04d10b760914f88f33d9a4b65011ab6e0067e
SSDEEP

3072:PhdpmhosHCD3OD5zfUh0hxcR58SvcffyBRcgT5dV:VcmD3Oyx8GcffyBZ5P

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
1136	4cf3d90f0cc15ef7005701c59bf8a21d.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 1136 wrote to memory of 3208	1136	4cf3d90f0cc15ef7005701c59bf8a21d.exe	91
PID 1136 wrote to memory of 3208	1136	4cf3d90f0cc15ef7005701c59bf8a21d.exe	91
PID 1136 wrote to memory of 3208	1136	4cf3d90f0cc15ef7005701c59bf8a21d.exe	91
PID 1136 wrote to memory of 3208	1136	4cf3d90f0cc15ef7005701c59bf8a21d.exe	91
PID 1136 wrote to memory of 3208	1136	4cf3d90f0cc15ef7005701c59bf8a21d.exe	91

memory/1136-0-0x0000000000400000-0x0000000000425000-memory.dmp

Filesize
148KB

Download
memory/1136-2-0x0000000000490000-0x0000000000492000-memory.dmp

Filesize
8KB

Download
memory/1136-1-0x0000000000400000-0x0000000000425000-memory.dmp

Filesize
148KB

Download
memory/1136-5-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/1136-3-0x0000000000B90000-0x0000000000BA4000-memory.dmp

Filesize
80KB

Download
memory/1136-7-0x0000000000420000-0x000000000042E000-memory.dmp

Filesize
56KB

Download