1c58a3e251141732bc27e6f058625ff14c46b79af02f907f535ce3200d241a75

Analysis

max time kernel
152s
max time network
170s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31-12-2023 13:57

Target

38e11adbc07bd32bf5159bdac1f4788e.exe
Size

264KB
MD5

38e11adbc07bd32bf5159bdac1f4788e
SHA1

650a205cf54b64d9bc5bcddf65595dd0c18d76cf
SHA256

1c58a3e251141732bc27e6f058625ff14c46b79af02f907f535ce3200d241a75
SHA512

7ab6e7dca0ed92ef6349fd8bd713cd09c57bc9227e847b974e6674838ff9423a27e42029a89529c079c7f19f448aaec227bdebee76d9945d09077c0e7d9bdbc7
SSDEEP

6144:dIlUbo4dxbVMGA1nOS/j07lKLiAeBRuRMMDngtinmv7LoIl:dGULxBy1OS7u4eAeBRkMMctxzp

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4704 set thread context of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 4704 wrote to memory of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92
PID 4704 wrote to memory of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92
PID 4704 wrote to memory of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92
PID 4704 wrote to memory of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92
PID 4704 wrote to memory of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92
PID 4704 wrote to memory of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92
PID 4704 wrote to memory of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92
PID 4704 wrote to memory of 1388	4704	38e11adbc07bd32bf5159bdac1f4788e.exe	92

C:\Users\Admin\AppData\Local\Temp\38e11adbc07bd32bf5159bdac1f4788e.exe
"C:\Users\Admin\AppData\Local\Temp\38e11adbc07bd32bf5159bdac1f4788e.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:4704
- C:\Users\Admin\AppData\Local\Temp\38e11adbc07bd32bf5159bdac1f4788e.exe
  "C:\Users\Admin\AppData\Local\Temp\38e11adbc07bd32bf5159bdac1f4788e.exe"
  2⤵
  PID:1388

memory/1388-2-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/1388-4-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/1388-5-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/1388-6-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/4704-1-0x00000000005D0000-0x00000000005D8000-memory.dmp

Filesize
32KB

Download
memory/4704-0-0x00000000005D0000-0x00000000005D8000-memory.dmp

Filesize
32KB

Download