32c6abf1cf0a95a7306723f80e74e10ed8fc4b966cb6feebfe12548a7fdde37f

Analysis

max time kernel
144s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
30/12/2023, 13:10

Target

19852609ab98dedb9d07ac8842558164.exe
Size

400KB
MD5

19852609ab98dedb9d07ac8842558164
SHA1

7f9edfcfbe047fa37a776770f131bc3797e66447
SHA256

32c6abf1cf0a95a7306723f80e74e10ed8fc4b966cb6feebfe12548a7fdde37f
SHA512

21006e3dd4187236910870e806353f86be0a0a924159b060db6724087ce7e752567c4dc3df1c7e33331abcf014f2887ad5d34604e678fa2fe20ef9a7bb6879a8
SSDEEP

6144:uFxTaDaBrX99L162Y4SVFH34Ya2EpQ01S1Nx8KDkc+m+t8jpt:uFxTaD+X9pJYhN34YaTj1sNmgkC+t8j

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
3964	dependant.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\Program Files\distribution\dependant.exe	19852609ab98dedb9d07ac8842558164.exe

Suspicious use of SetWindowsHookEx 8 IoCs

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1352 wrote to memory of 3964	1352	19852609ab98dedb9d07ac8842558164.exe	87
PID 1352 wrote to memory of 3964	1352	19852609ab98dedb9d07ac8842558164.exe	87
PID 1352 wrote to memory of 3964	1352	19852609ab98dedb9d07ac8842558164.exe	87

C:\Program Files\distribution\dependant.exe

Filesize
400KB

MD5
67a0f2d1c45e52f4ce5ef7cb3cd13186

SHA1
4cb5b311138ed89930c9e2eb6f59968f161a0208

SHA256
6d248661622ff2a17a60d8781e79ba7ce662ed3402bb8fe99eb210809f73e4eb

SHA512
cb8226cb032d7cbf2ba6261e952d93d4b18683a301382dd502a4e453aa0a9b31077e094519e2b27f4a4f82afd9287ab0f6fed684e542afbcd778d0107d9c222c

Download Submit