638794165fab839a3a10165495b3f2c611e64a3a0003406d9cada7db937422ea

Analysis

max time kernel
122s
max time network
135s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30-12-2023 22:23

Target

1e594f7a3f2593bd0a9722035bc57d6c.exe
Size

60KB
MD5

1e594f7a3f2593bd0a9722035bc57d6c
SHA1

6e19bd899720d27220accbca64e56acf52fbcef0
SHA256

638794165fab839a3a10165495b3f2c611e64a3a0003406d9cada7db937422ea
SHA512

b9195851c75e082ca57ae74d3c21c5368c9b70cd0cb603492bb6fbb13b0b61f1fb470a3cd3cedf669a0227eb93815d2a81f590fdfe3f618a12eddfef5c5e5f66
SSDEEP

1536:CJ2J8P7xlXiiNqPBzngNstU5rHnPCfgkSyXclu:CRP9lXMptO7PCYrTo

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2944 set thread context of 2392	2944	1e594f7a3f2593bd0a9722035bc57d6c.exe	28

Suspicious behavior: EnumeratesProcesses 3 IoCs

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2944 wrote to memory of 2392	2944	1e594f7a3f2593bd0a9722035bc57d6c.exe	28
PID 2944 wrote to memory of 2392	2944	1e594f7a3f2593bd0a9722035bc57d6c.exe	28
PID 2944 wrote to memory of 2392	2944	1e594f7a3f2593bd0a9722035bc57d6c.exe	28
PID 2944 wrote to memory of 2392	2944	1e594f7a3f2593bd0a9722035bc57d6c.exe	28
PID 2944 wrote to memory of 2392	2944	1e594f7a3f2593bd0a9722035bc57d6c.exe	28
PID 2944 wrote to memory of 2392	2944	1e594f7a3f2593bd0a9722035bc57d6c.exe	28
PID 2944 wrote to memory of 2392	2944	1e594f7a3f2593bd0a9722035bc57d6c.exe	28
PID 2392 wrote to memory of 1216	2392	1e594f7a3f2593bd0a9722035bc57d6c.exe	19
PID 2392 wrote to memory of 1216	2392	1e594f7a3f2593bd0a9722035bc57d6c.exe	19
PID 2392 wrote to memory of 1216	2392	1e594f7a3f2593bd0a9722035bc57d6c.exe	19
PID 2392 wrote to memory of 1216	2392	1e594f7a3f2593bd0a9722035bc57d6c.exe	19

memory/1216-12-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/1216-15-0x000000007EFD0000-0x000000007EFD1000-memory.dmp

Filesize
4KB

Download
memory/2392-0-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2392-2-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2392-4-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2392-9-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2392-8-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2392-10-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2392-11-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/2392-24-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2392-26-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download