5c2813a8dfb8401b297e1deb4e922befe104f1a8386f8518f5bbeaadbaf3c3c7

Analysis

max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
12/01/2024, 00:56

Target

550d5f72df71778bb41673da2e179ff1.exe
Size

72KB
MD5

550d5f72df71778bb41673da2e179ff1
SHA1

7a7a2a5929c10010931b631f84caf73181456783
SHA256

5c2813a8dfb8401b297e1deb4e922befe104f1a8386f8518f5bbeaadbaf3c3c7
SHA512

edbe9f95a217eed8afed29075b5c8ac3b4b886078fa25efcf972cedea190735c9898fd407c1ec8b516dfa8f8bc65578b30b958b603427d12a614f5bdc889339f
SSDEEP

1536:/xKDk1CmL2LOdv8jcibzuIITQ0TQrkTTFvoxo8+ethM:w5Y2LNjcEuIITQ0TWaTaGUthM

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1660 set thread context of 2500	1660	550d5f72df71778bb41673da2e179ff1.exe	16

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 1660 wrote to memory of 2500	1660	550d5f72df71778bb41673da2e179ff1.exe	16
PID 1660 wrote to memory of 2500	1660	550d5f72df71778bb41673da2e179ff1.exe	16
PID 1660 wrote to memory of 2500	1660	550d5f72df71778bb41673da2e179ff1.exe	16
PID 1660 wrote to memory of 2500	1660	550d5f72df71778bb41673da2e179ff1.exe	16
PID 1660 wrote to memory of 2500	1660	550d5f72df71778bb41673da2e179ff1.exe	16
PID 1660 wrote to memory of 2500	1660	550d5f72df71778bb41673da2e179ff1.exe	16

C:\Users\Admin\AppData\Local\Temp\550d5f72df71778bb41673da2e179ff1.exe
"C:\Users\Admin\AppData\Local\Temp\550d5f72df71778bb41673da2e179ff1.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:1660
- C:\Users\Admin\AppData\Local\Temp\550d5f72df71778bb41673da2e179ff1.exe
  C:\Users\Admin\AppData\Local\Temp\550d5f72df71778bb41673da2e179ff1.exe
  2⤵
  PID:2500

memory/1660-6-0x0000000010000000-0x000000001000D000-memory.dmp

Filesize
52KB

Download
memory/1660-5-0x0000000000220000-0x000000000022D000-memory.dmp

Filesize
52KB

Download
memory/1660-0-0x0000000010000000-0x000000001000D000-memory.dmp

Filesize
52KB

Download
memory/2500-4-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download
memory/2500-9-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download
memory/2500-10-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download
memory/2500-8-0x0000000010000000-0x000000001000D000-memory.dmp

Filesize
52KB

Download
memory/2500-7-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download
memory/2500-2-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2500-1-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download
memory/2500-11-0x0000000000400000-0x0000000000413000-memory.dmp

Filesize
76KB

Download