06d8a1125af3635f4a951e2752313e1d18a912e446e8d6a6d19a7270d97fc1ce

Analysis

max time kernel
0s
max time network
121s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
29/12/2023, 19:08

Target

014469a5a26318acc4d4000e78395439.exe
Size

618KB
MD5

014469a5a26318acc4d4000e78395439
SHA1

43c6315661f162095786961a79c171cd3e32603f
SHA256

06d8a1125af3635f4a951e2752313e1d18a912e446e8d6a6d19a7270d97fc1ce
SHA512

79ee8c0075797dcfe049ff2a1487b386a234db16e1b03f7edd3fc3614d556c9a3794ae6ef78eaf653dce833341b5699c0be17caf5370ba07a32a5bbb412764f1
SSDEEP

12288:VwqCW0Bn5vh5E79ywG8eTzp3u4uFx5Jv0q4n7ENhM6:VpwnJAJRgzp3u4Q5JoE9

Score

5^/10

Suspicious use of NtSetInformationThreadHideFromDebugger 3 IoCs

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 2316 wrote to memory of 2372	2316	014469a5a26318acc4d4000e78395439.exe	18
PID 2316 wrote to memory of 2372	2316	014469a5a26318acc4d4000e78395439.exe	18
PID 2316 wrote to memory of 2372	2316	014469a5a26318acc4d4000e78395439.exe	18
PID 2316 wrote to memory of 2372	2316	014469a5a26318acc4d4000e78395439.exe	18
PID 2316 wrote to memory of 2184	2316	014469a5a26318acc4d4000e78395439.exe	17
PID 2316 wrote to memory of 2184	2316	014469a5a26318acc4d4000e78395439.exe	17
PID 2316 wrote to memory of 2184	2316	014469a5a26318acc4d4000e78395439.exe	17
PID 2316 wrote to memory of 2184	2316	014469a5a26318acc4d4000e78395439.exe	17

C:\Users\Admin\AppData\Local\Temp\014469a5a26318acc4d4000e78395439.exe
watch
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:2184

C:\Users\Admin\AppData\Local\Temp\014469a5a26318acc4d4000e78395439.exe
start
1⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
PID:2372

memory/2184-9-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2184-11-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2184-6-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2316-1-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2316-4-0x0000000000380000-0x0000000000381000-memory.dmp

Filesize
4KB

Download
memory/2316-2-0x00000000002E0000-0x00000000002E1000-memory.dmp

Filesize
4KB

Download
memory/2316-0-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2316-3-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2316-12-0x0000000000380000-0x0000000000381000-memory.dmp

Filesize
4KB

Download
memory/2372-8-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2372-7-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2372-5-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download
memory/2372-10-0x0000000000400000-0x00000000004A0000-memory.dmp

Filesize
640KB

Download