b2a09a522b064a0447b9892749f522b1511c4d16c52b88a7174d3278e686ef8c

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30-12-2023 14:04

Target

1ae8928d0ceea1a4d8292a2daa2e3e96.exe
Size

715KB
MD5

1ae8928d0ceea1a4d8292a2daa2e3e96
SHA1

cd1c49b214f4e2530c0cc90c27e0c58f0646b7dc
SHA256

b2a09a522b064a0447b9892749f522b1511c4d16c52b88a7174d3278e686ef8c
SHA512

bdc299b0c30436043d72e27fb0c7a14017cf6071b6eeb56c5f2015e3c067bf80d3d5f85055ddc91f83e76ac79588f7bced6901c19ddd4362211124d602908c9c
SSDEEP

12288:McKi0EY93xuNmN5D7w2Nebuh3eHam15vH/qgaBT16sSTYg3A3Ts5w8ABt5:M/La4vwOBVmDHYKsSTOTs+8c5

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2008 set thread context of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14

Suspicious use of WriteProcessMemory 10 IoCs

description	pid	Process	procid_target
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14
PID 2008 wrote to memory of 2844	2008	1ae8928d0ceea1a4d8292a2daa2e3e96.exe	14

C:\Users\Admin\AppData\Local\Temp\1ae8928d0ceea1a4d8292a2daa2e3e96.exe
"C:\Users\Admin\AppData\Local\Temp\1ae8928d0ceea1a4d8292a2daa2e3e96.exe"
1⤵
PID:2844

memory/2008-17-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2844-4-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-20-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-23-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-21-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-19-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-14-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2844-13-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-10-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-7-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-2-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download
memory/2844-0-0x0000000000400000-0x0000000000421000-memory.dmp

Filesize
132KB

Download