00f3560f70cd6e25d66afde1f88b047cc7b9c08c3c6b0ead05ad9b7074c6fbb8

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30-12-2023 13:13

Target

199a404ba11614ea37cfda02553d2042.exe
Size

20KB
MD5

199a404ba11614ea37cfda02553d2042
SHA1

7617497335cb7fb47fb27c62a7ba03a10462eaad
SHA256

00f3560f70cd6e25d66afde1f88b047cc7b9c08c3c6b0ead05ad9b7074c6fbb8
SHA512

254e22979dbbc64ade73bdaedeb62cf216d9a2daa09036fd948ff576089fcc29b325efafc3ac60f5fc9126a0bedd7bd6c5bb8b7d7062056c649d6010fbf9e3db
SSDEEP

384:1hd36RMI2zVTpLKonrlcmAghPa8/XXvQRNKt+82bFYlGocUsC8ZE67Rd:1PLV1fnRcmc8/HoRWT2BYUvbf3

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2008 set thread context of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 2008 wrote to memory of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28
PID 2008 wrote to memory of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28
PID 2008 wrote to memory of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28
PID 2008 wrote to memory of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28
PID 2008 wrote to memory of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28
PID 2008 wrote to memory of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28
PID 2008 wrote to memory of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28
PID 2008 wrote to memory of 1556	2008	199a404ba11614ea37cfda02553d2042.exe	28

C:\Users\Admin\AppData\Local\Temp\199a404ba11614ea37cfda02553d2042.exe
"C:\Users\Admin\AppData\Local\Temp\199a404ba11614ea37cfda02553d2042.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2008
- C:\Users\Admin\AppData\Local\Temp\199a404ba11614ea37cfda02553d2042.exe
  "C:\Users\Admin\AppData\Local\Temp\199a404ba11614ea37cfda02553d2042.exe"
  2⤵
  PID:1556

memory/1556-0-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download
memory/1556-2-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download
memory/1556-4-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download
memory/1556-5-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download
memory/1556-6-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/1556-10-0x0000000000400000-0x0000000000403000-memory.dmp

Filesize
12KB

Download
memory/1556-12-0x0000000000400000-0x0000000000402274-memory.dmp

Filesize
8KB

Download
memory/2008-9-0x0000000000400000-0x000000000040B0BC-memory.dmp

Filesize
44KB

Download