14aa6ac7b5d4ce50fc6de4f35f6ec4e2709a750575bac1157154d002b23e982c

Analysis

max time kernel
134s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 03:23

Target

5001311cc30aaa1204b3df2abdeac271.exe
Size

100KB
MD5

5001311cc30aaa1204b3df2abdeac271
SHA1

15e4547362df7588f08a58ec9dc4d9a952f5e9d8
SHA256

14aa6ac7b5d4ce50fc6de4f35f6ec4e2709a750575bac1157154d002b23e982c
SHA512

dbd87b32897dba04335fafe5d3d8781a4beabca694ed4b9eb27a584ec544b1e3ec84f9e2aa40dea081a61869c42a267c86754e4ca5398ca006c31e1998a2510c
SSDEEP

1536:Nne5YWJT9fPjMEe/m8GrpBL/uBitKAgAJsV3V7sVNQpjyGK273k:5e5YWTPQ/mDXYoKbVaS3k

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
652	5001311cc30aaa1204b3df2abdeac271.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 652 wrote to memory of 2608	652	5001311cc30aaa1204b3df2abdeac271.exe	90
PID 652 wrote to memory of 2608	652	5001311cc30aaa1204b3df2abdeac271.exe	90
PID 652 wrote to memory of 2608	652	5001311cc30aaa1204b3df2abdeac271.exe	90
PID 652 wrote to memory of 2608	652	5001311cc30aaa1204b3df2abdeac271.exe	90
PID 652 wrote to memory of 2608	652	5001311cc30aaa1204b3df2abdeac271.exe	90

memory/652-0-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download
memory/652-2-0x0000000002170000-0x0000000002184000-memory.dmp

Filesize
80KB

Download
memory/652-1-0x00000000005E0000-0x00000000005E1000-memory.dmp

Filesize
4KB

Download
memory/652-3-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/652-5-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/652-6-0x00000000021C0000-0x00000000021CE000-memory.dmp

Filesize
56KB

Download