88dc580234c9dd24c2d7bca59bd81f8b60c2f8ce056eb9ff3641fda03d29ffcf

Analysis

max time kernel
120s
max time network
134s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
06-01-2024 17:00

Target

46bdfc494e1fcb743c8f7fc2722ec716.exe
Size

67KB
MD5

46bdfc494e1fcb743c8f7fc2722ec716
SHA1

a111b1563f4422963222aaee7d80b182238d0eb5
SHA256

88dc580234c9dd24c2d7bca59bd81f8b60c2f8ce056eb9ff3641fda03d29ffcf
SHA512

9f5e2e393b8399cf252578915ee5f992d4ef424e5f263b2ae46f82ee1f11e6082f98746c514bf1cad2e34aae8566de2ebb21d71b4127631aa2561256103e9d88
SSDEEP

768:efrx2A8f3tIe5zC9tv/b8yHE53oSorRUvCsguxv3Vrpl859ubT3VpcxvSbMHnUTK:hAk3tmY5Kr2CshxHGK7HqUT60ek8

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 3052 set thread context of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2132	46bdfc494e1fcb743c8f7fc2722ec716.exe
2132	46bdfc494e1fcb743c8f7fc2722ec716.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3052	46bdfc494e1fcb743c8f7fc2722ec716.exe

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 3052 wrote to memory of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28
PID 3052 wrote to memory of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28
PID 3052 wrote to memory of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28
PID 3052 wrote to memory of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28
PID 3052 wrote to memory of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28
PID 3052 wrote to memory of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28
PID 3052 wrote to memory of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28
PID 3052 wrote to memory of 2132	3052	46bdfc494e1fcb743c8f7fc2722ec716.exe	28
PID 2132 wrote to memory of 1196	2132	46bdfc494e1fcb743c8f7fc2722ec716.exe	7
PID 2132 wrote to memory of 1196	2132	46bdfc494e1fcb743c8f7fc2722ec716.exe	7
PID 2132 wrote to memory of 1196	2132	46bdfc494e1fcb743c8f7fc2722ec716.exe	7
PID 2132 wrote to memory of 1196	2132	46bdfc494e1fcb743c8f7fc2722ec716.exe	7

memory/1196-18-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/1196-21-0x000000007EFD0000-0x000000007EFD1000-memory.dmp

Filesize
4KB

Download
memory/2132-6-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2132-4-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2132-2-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2132-10-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2132-9-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2132-14-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2132-15-0x0000000000400000-0x0000000000408960-memory.dmp

Filesize
34KB

Download
memory/2132-16-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2132-17-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/2132-32-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download