a22f393576c3c8fa3ade88102fa98dfc93097d15b4c453ef676f6daaefffa592

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
26/12/2023, 03:51

Target

AutoSettings/Files/Tools/Handle.exe
Size

523KB
MD5

2579df066d38a15be8142954a2633e7f
SHA1

5f08cc1dfcbd277f607e01bbbfbb34996febd937
SHA256

680327b39d67502103cc9ac8656564529c9a2765adbf563f3145589bcf87681b
SHA512

e9fe542fbada4bad0218441aa12a1a8d05408fd6300d4cdeaec31ccc9b4bbaf70766defd42b7cc748f2cb0a04cb7138d4e993823051949567cd876ef32389030
SSDEEP

6144:yfV+qzgQA7uQnHcjwlkEjA2ZZrTpnHqseZyTWSfbSRk4ewqK5u:yN1gQA7pHcKkQAY/beZDEK5u

Score

7^/10

Executes dropped EXE 2 IoCs

pid	Process
2144	Handle64.exe
1348	Process not Found

Loads dropped DLL 1 IoCs

pid	Process
2364	Handle.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2364 wrote to memory of 2144	2364	Handle.exe	29
PID 2364 wrote to memory of 2144	2364	Handle.exe	29
PID 2364 wrote to memory of 2144	2364	Handle.exe	29
PID 2364 wrote to memory of 2144	2364	Handle.exe	29

C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle.exe
"C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2364
- C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle64.exe
  "C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle.exe"
  2⤵
  - Executes dropped EXE
  PID:2144

C:\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle64.exe

Filesize
276KB

MD5
cd073bb6ed5b50375759b2084e8999b6

SHA1
6c6790415e0cd85a4b311004c14bdbf99be810f7

SHA256
a1a17bc5a8de40196ae236adae826772851aa0ca16511fc33412bcfdf7d2847d

SHA512
ad4ccc53765641bc929187fcdc331ba38875cde132d74a562aeb903fcebd3bfedbed5c33566e676e7e5b7e38c0dc746edf0a1f6697d6d95d5b9d754083373674

Download Submit
\Users\Admin\AppData\Local\Temp\AutoSettings\Files\Tools\Handle64.exe

Filesize
129KB

MD5
e758eeb85c8fd659c15149ca9918b46a

SHA1
9b2b60a80e01c210cae1f7b0b566e761f08452ee

SHA256
4bb8e76d6282a333f82809f59d02f84490670d68960798a69258dbab5a218c9b

SHA512
6774cb198e5af2d327cf10a2cd44d33cfd45ba5e2282f42055ec4bd6a6bcbff0d779a0a567b2b62f6bd7becb3be2098d74caf9c33f70141cfe013b58956ee708

Download Submit