ccf0fa69dfe550851d455092c8b239827c7496b79739ff8d43e1b1bc81eb2cd0

Analysis

max time kernel
120s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
06/01/2024, 21:15

Target

4731fc3837423e50c6ca4814df421ef2.exe
Size

145KB
MD5

4731fc3837423e50c6ca4814df421ef2
SHA1

3d9638e86beca21ed54d60810d1ed218ad50576f
SHA256

ccf0fa69dfe550851d455092c8b239827c7496b79739ff8d43e1b1bc81eb2cd0
SHA512

00a4c9ab1ecc4e087582720a22da6de30c0bffc17fbd782ce003a9397a04b36fbaee8b624383cb5b9a79e6ec11354319557fe89b09a9e14fd31e50e078346e5d
SSDEEP

3072:iPKwtuRRJtr4RwSkgpWdIxaOirOLgY4luteMds8VwuNNJTHeHwtjhDnYjs9:ioRE0IxcIteMds8Vwubp+QfY

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2008 set thread context of 2128	2008	4731fc3837423e50c6ca4814df421ef2.exe	28

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2008 wrote to memory of 2128	2008	4731fc3837423e50c6ca4814df421ef2.exe	28
PID 2008 wrote to memory of 2128	2008	4731fc3837423e50c6ca4814df421ef2.exe	28
PID 2008 wrote to memory of 2128	2008	4731fc3837423e50c6ca4814df421ef2.exe	28
PID 2008 wrote to memory of 2128	2008	4731fc3837423e50c6ca4814df421ef2.exe	28
PID 2008 wrote to memory of 2128	2008	4731fc3837423e50c6ca4814df421ef2.exe	28
PID 2008 wrote to memory of 2128	2008	4731fc3837423e50c6ca4814df421ef2.exe	28

C:\Users\Admin\AppData\Local\Temp\4731fc3837423e50c6ca4814df421ef2.exe
"C:\Users\Admin\AppData\Local\Temp\4731fc3837423e50c6ca4814df421ef2.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2008
- C:\Users\Admin\AppData\Local\Temp\4731fc3837423e50c6ca4814df421ef2.exe
  C:\Users\Admin\AppData\Local\Temp\4731fc3837423e50c6ca4814df421ef2.exe
  2⤵
  PID:2128

memory/2008-5-0x0000000000400000-0x000000000042A000-memory.dmp

Filesize
168KB

Download
memory/2128-0-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2128-2-0x0000000001000000-0x0000000001013000-memory.dmp

Filesize
76KB

Download
memory/2128-3-0x0000000001000000-0x0000000001013000-memory.dmp

Filesize
76KB

Download