df16f4e7d9a8b8c548a0c9088f3fd240555b1ecf319d32d510c02575ee2cb020

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31/12/2023, 04:30

Target

28373a01a71e998fc599e169c5481e57.exe
Size

82KB
MD5

28373a01a71e998fc599e169c5481e57
SHA1

9dc5c540b174be8bd13ffe81cd2f0fabb6e22837
SHA256

df16f4e7d9a8b8c548a0c9088f3fd240555b1ecf319d32d510c02575ee2cb020
SHA512

2be078fecaf9a188b2dad37f46780c5cad6983966b25bdf9c9f3b5e6dd347a2cb7835e539cc4fd2e34527137c2aee91993aa3912f20f5063831bb00b2aa6575b
SSDEEP

1536:AtV6HGavzgamfRK9zm30dnvfM1aY/BEBfBC8CJOsYvX:AtVqnvofcCkYpEBJC8CB0X

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 916 wrote to memory of 3560	916	28373a01a71e998fc599e169c5481e57.exe	82
PID 916 wrote to memory of 3560	916	28373a01a71e998fc599e169c5481e57.exe	82
PID 916 wrote to memory of 3560	916	28373a01a71e998fc599e169c5481e57.exe	82
PID 916 wrote to memory of 3560	916	28373a01a71e998fc599e169c5481e57.exe	82

memory/916-0-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/916-1-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/916-7-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/916-8-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/3560-3-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3560-4-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

Filesize
4KB

Download