b5757034246f397d8289ec0504d1f969d00ff0bf6c9e4a25631fd32ddde2c510

Analysis

max time kernel
117s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 02:58

Target

25772f336b601779dfc9ad62fbd50bde.exe
Size

336KB
MD5

25772f336b601779dfc9ad62fbd50bde
SHA1

481c4a5396e9feac1fa7c44fcc8f9b42c7a1d172
SHA256

b5757034246f397d8289ec0504d1f969d00ff0bf6c9e4a25631fd32ddde2c510
SHA512

40a79bb1e2c2918f07fa6a15bf0b456704863e00b263e66759f5f74b4644846ec4209025414e7873eab92ba3a6cd181eacb32e2b78c6601463b69b4e5504a494
SSDEEP

6144:cJGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGG/GGGGGbGGGGGqGGTGGj:Zc269z

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1188 set thread context of 1872	1188	25772f336b601779dfc9ad62fbd50bde.exe	25

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
1872	25772f336b601779dfc9ad62fbd50bde.exe
1872	25772f336b601779dfc9ad62fbd50bde.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 1188 wrote to memory of 1872	1188	25772f336b601779dfc9ad62fbd50bde.exe	25
PID 1188 wrote to memory of 1872	1188	25772f336b601779dfc9ad62fbd50bde.exe	25
PID 1188 wrote to memory of 1872	1188	25772f336b601779dfc9ad62fbd50bde.exe	25
PID 1188 wrote to memory of 1872	1188	25772f336b601779dfc9ad62fbd50bde.exe	25
PID 1188 wrote to memory of 1872	1188	25772f336b601779dfc9ad62fbd50bde.exe	25
PID 1188 wrote to memory of 1872	1188	25772f336b601779dfc9ad62fbd50bde.exe	25
PID 1872 wrote to memory of 1308	1872	25772f336b601779dfc9ad62fbd50bde.exe	11
PID 1872 wrote to memory of 1308	1872	25772f336b601779dfc9ad62fbd50bde.exe	11
PID 1872 wrote to memory of 1308	1872	25772f336b601779dfc9ad62fbd50bde.exe	11
PID 1872 wrote to memory of 1308	1872	25772f336b601779dfc9ad62fbd50bde.exe	11
PID 1872 wrote to memory of 1308	1872	25772f336b601779dfc9ad62fbd50bde.exe	11
PID 1872 wrote to memory of 1308	1872	25772f336b601779dfc9ad62fbd50bde.exe	11

memory/1188-2-0x0000000000220000-0x000000000027A000-memory.dmp

Filesize
360KB

Download
memory/1188-0-0x0000000019140000-0x00000000191996B0-memory.dmp

Filesize
357KB

Download
memory/1188-6-0x0000000019140000-0x00000000191996B0-memory.dmp

Filesize
357KB

Download
memory/1308-12-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

Filesize
4KB

Download
memory/1308-18-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

Filesize
24KB

Download
memory/1872-5-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/1872-10-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/1872-9-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/1872-8-0x0000000019140000-0x00000000191996B0-memory.dmp

Filesize
357KB

Download
memory/1872-11-0x0000000010000000-0x0000000010011000-memory.dmp

Filesize
68KB

Download
memory/1872-3-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/1872-1-0x0000000000400000-0x000000000040A000-memory.dmp

Filesize
40KB

Download
memory/1872-30-0x0000000010000000-0x0000000010011000-memory.dmp

Filesize
68KB

Download