bed79e9c40b25f9b9da87fe665fa9e994de80bc72f347b7d97d70c18e626de72

Analysis

max time kernel
117s
max time network
136s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
31/12/2023, 14:30

Target

39e27bc8a9380c208969531388af5f9f.exe
Size

439KB
MD5

39e27bc8a9380c208969531388af5f9f
SHA1

2c18d442753214e340fa2ab7973237771f66fa95
SHA256

bed79e9c40b25f9b9da87fe665fa9e994de80bc72f347b7d97d70c18e626de72
SHA512

72d623e02381ef9f74efae38a5649a9fc25e8ffb7cdb20dd8811a82fb242af100767a48812695d08321c9dc6e24c4edb4e9d7bca6bf455e15e9b8737d7d3dd31
SSDEEP

6144:qAt2UChuItoFHSQKIbyzHvXWQZ8gD16NTlK2BSkGZCnbgtgGFajvBGKtQ:G04gyQvbyrvxJ6tlrBwoi7EjpGK

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2204 set thread context of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27

Suspicious use of WriteProcessMemory 16 IoCs

description	pid	Process	procid_target
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27
PID 2204 wrote to memory of 2228	2204	39e27bc8a9380c208969531388af5f9f.exe	27

C:\Users\Admin\AppData\Local\Temp\39e27bc8a9380c208969531388af5f9f.exe
"C:\Users\Admin\AppData\Local\Temp\39e27bc8a9380c208969531388af5f9f.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2204
- C:\Users\Admin\AppData\Local\Temp\39e27bc8a9380c208969531388af5f9f.exe
  C:\Users\Admin\AppData\Local\Temp\39e27bc8a9380c208969531388af5f9f.exe
  2⤵
  PID:2228

memory/2204-35-0x0000000000400000-0x0000000000474000-memory.dmp

Filesize
464KB

Download
memory/2228-22-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-10-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-19-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-36-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-32-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2228-31-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-28-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-16-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-25-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-13-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-4-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-7-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-2-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-0-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download
memory/2228-37-0x0000000000400000-0x000000000045F000-memory.dmp

Filesize
380KB

Download