7154c3646168338ca529ebd6f0a531ab9939b79352d9cad27273fde9c1e399af

Analysis

max time kernel
151s
max time network
171s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
28/12/2023, 21:56

Target

faf9027aee5ed78c54743ae5337460b1.exe
Size

73KB
MD5

faf9027aee5ed78c54743ae5337460b1
SHA1

bf4cbb7be9f46732ee8ea0e8105bd470e5587916
SHA256

7154c3646168338ca529ebd6f0a531ab9939b79352d9cad27273fde9c1e399af
SHA512

cd9a83295ad1433663016f96670ebeff9ca250d29cd7e00d89ad6294ecb5f1cd97fffea41a2debeeac2d3d26f6f21f52d55218473e56edc5492955f25a69c54b
SSDEEP

1536:ACUnLApmGtaFrmH+MpJc+8JhXlR9ceq3WU:AmyFrYHJdMhXtQ

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4648 set thread context of 1128	4648	faf9027aee5ed78c54743ae5337460b1.exe	90

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 10 IoCs

description	pid	Process	procid_target
PID 4648 wrote to memory of 1128	4648	faf9027aee5ed78c54743ae5337460b1.exe	90
PID 4648 wrote to memory of 1128	4648	faf9027aee5ed78c54743ae5337460b1.exe	90
PID 4648 wrote to memory of 1128	4648	faf9027aee5ed78c54743ae5337460b1.exe	90
PID 4648 wrote to memory of 1128	4648	faf9027aee5ed78c54743ae5337460b1.exe	90
PID 4648 wrote to memory of 1128	4648	faf9027aee5ed78c54743ae5337460b1.exe	90
PID 4648 wrote to memory of 1128	4648	faf9027aee5ed78c54743ae5337460b1.exe	90
PID 1128 wrote to memory of 3520	1128	faf9027aee5ed78c54743ae5337460b1.exe	66
PID 1128 wrote to memory of 3520	1128	faf9027aee5ed78c54743ae5337460b1.exe	66
PID 1128 wrote to memory of 3520	1128	faf9027aee5ed78c54743ae5337460b1.exe	66
PID 1128 wrote to memory of 3520	1128	faf9027aee5ed78c54743ae5337460b1.exe	66

memory/1128-0-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1128-2-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1128-3-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1128-4-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1128-5-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/1128-13-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/3520-7-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3520-8-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

Filesize
4KB

Download