e124684320846671b18ec7021f7ab232c2e82c1d8a6532670f4beedd365fbd45

Analysis

max time kernel
147s
max time network
124s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
02/01/2024, 00:48

Target

3e4c740c07562f0702d4e25b28a83101.exe
Size

22KB
MD5

3e4c740c07562f0702d4e25b28a83101
SHA1

efdfb76274a801ef4185dd4b58f54db26ff8e40e
SHA256

e124684320846671b18ec7021f7ab232c2e82c1d8a6532670f4beedd365fbd45
SHA512

b6f584e534a96ff565e7fc52dc12b2e03b4b8e2116396da9e7390a70e46bd95aac0befddc07826bef3b0711fa45d67f481685edc060baad542cc2c3ffcaff04f
SSDEEP

384:7kOWerq8wRGtZfsz6pE/0HNwYgRfU1qebHgp+zkgGuZJGcMJxDTHfRm:wOWerqdRQVszD/mOYQUbHKuNlMTDT/Rm

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 432 set thread context of 3316	432	3e4c740c07562f0702d4e25b28a83101.exe	91

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 432 wrote to memory of 3316	432	3e4c740c07562f0702d4e25b28a83101.exe	91
PID 432 wrote to memory of 3316	432	3e4c740c07562f0702d4e25b28a83101.exe	91
PID 432 wrote to memory of 3316	432	3e4c740c07562f0702d4e25b28a83101.exe	91
PID 432 wrote to memory of 3316	432	3e4c740c07562f0702d4e25b28a83101.exe	91
PID 432 wrote to memory of 3316	432	3e4c740c07562f0702d4e25b28a83101.exe	91

C:\Users\Admin\AppData\Local\Temp\3e4c740c07562f0702d4e25b28a83101.exe
"C:\Users\Admin\AppData\Local\Temp\3e4c740c07562f0702d4e25b28a83101.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:432
- C:\Users\Admin\AppData\Local\Temp\3e4c740c07562f0702d4e25b28a83101.exe
  C:\Users\Admin\AppData\Local\Temp\3e4c740c07562f0702d4e25b28a83101.exe
  2⤵
  PID:3316

memory/432-1-0x0000000010000000-0x000000001000B000-memory.dmp

Filesize
44KB

Download
memory/3316-3-0x0000000000400000-0x0000000000402000-memory.dmp

Filesize
8KB

Download
memory/3316-0-0x0000000000400000-0x0000000000402000-memory.dmp

Filesize
8KB

Download