499caef347bd14c63977316b3bf6cf399b2a4c259d63a0b9d6fb90bb047ee376

Analysis

max time kernel
92s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
17/01/2024, 23:28

Target

63e37d79426d0249b0189540da8baa8e.exe
Size

77KB
MD5

63e37d79426d0249b0189540da8baa8e
SHA1

f23f6d611958751ad4a2f8de5e5496e0b3fda007
SHA256

499caef347bd14c63977316b3bf6cf399b2a4c259d63a0b9d6fb90bb047ee376
SHA512

afee6bb200f0d1bf87feb548477eb0536df8cf0a500e99e1f3fd4c8898c4ae0718601c5467c2d22fdaa6de56b41e0818cd665f48664d75290b4d18712b64dec1
SSDEEP

1536:8gicU4kX+ozuOIirR5uC+yHh1F4F4uOoiVWOoOK:VvU4kX+ozuOIirPuCnhL4G/xVWvO

Score

1^/10

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2796	63e37d79426d0249b0189540da8baa8e.exe

Suspicious use of WriteProcessMemory 5 IoCs

description	pid	Process	procid_target
PID 2796 wrote to memory of 804	2796	63e37d79426d0249b0189540da8baa8e.exe	86
PID 2796 wrote to memory of 804	2796	63e37d79426d0249b0189540da8baa8e.exe	86
PID 2796 wrote to memory of 804	2796	63e37d79426d0249b0189540da8baa8e.exe	86
PID 2796 wrote to memory of 804	2796	63e37d79426d0249b0189540da8baa8e.exe	86
PID 2796 wrote to memory of 804	2796	63e37d79426d0249b0189540da8baa8e.exe	86

memory/2796-0-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2796-1-0x00000000001E0000-0x00000000001F2000-memory.dmp

Filesize
72KB

Download
memory/2796-4-0x0000000000400000-0x0000000000414000-memory.dmp

Filesize
80KB

Download
memory/2796-5-0x00000000008F0000-0x00000000008FE000-memory.dmp

Filesize
56KB

Download