5d95cb1ee5b0d5ebe9c6c8d5e005ce57eb78824c5cd0043f81eff2c0e6956fd4

Analysis

max time kernel
146s
max time network
65s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26/12/2023, 10:20

Target

66ca368737b1673cfea0734811fdeb35.exe
Size

54KB
MD5

66ca368737b1673cfea0734811fdeb35
SHA1

1efe06ff7459a6596266769f68720e228fff24fd
SHA256

5d95cb1ee5b0d5ebe9c6c8d5e005ce57eb78824c5cd0043f81eff2c0e6956fd4
SHA512

2a5ef57163e802bc52b6a5d8dd2ccae957092ebbbe74d90314e590e6fc9b86a0b514b23cca79148ff26b3b5c66fe785f13a8d637752722de4e6a0ec24580dcb2
SSDEEP

768:ievFIYG0on6HGavZUdQffoaFNnioNQpMGYr2UfnOx2Nmt+Y0RSGcbmI+51Oa/HY4:j8V6HGavhgaLpRmt+Yb+fF4dFq66

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 3468 wrote to memory of 3388	3468	66ca368737b1673cfea0734811fdeb35.exe	46
PID 3468 wrote to memory of 3388	3468	66ca368737b1673cfea0734811fdeb35.exe	46
PID 3468 wrote to memory of 3388	3468	66ca368737b1673cfea0734811fdeb35.exe	46
PID 3468 wrote to memory of 3388	3468	66ca368737b1673cfea0734811fdeb35.exe	46

memory/3388-2-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3388-3-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

Filesize
4KB

Download
memory/3468-0-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/3468-1-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/3468-7-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/3468-6-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download