e85fcacc4b8aa8515e2aa375263cd5d4de6966e5c516442b478742a1e1d6aeb3

Analysis

max time kernel
121s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
23-01-2024 21:44

Target

70a287ef1f52b3c325a7f05e1a9f725b.exe
Size

476KB
MD5

70a287ef1f52b3c325a7f05e1a9f725b
SHA1

f87c2fe8d2f24a79d04729235b497fe033ef4f0d
SHA256

e85fcacc4b8aa8515e2aa375263cd5d4de6966e5c516442b478742a1e1d6aeb3
SHA512

99ba092a2798aa29d5fb278c8e9c22484d65e8da6e4963790580d80de6761ff702f3435083016773b882c3d96cdb822d5ea82974f242db90bfde2c45bb551494
SSDEEP

6144:EJZv5zFiIOdz2oRNrR4khl546+AOTt2Xys8CVIza7iZAXXXXXt7:WLFC2oRNrrhDuuy0

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2280 set thread context of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28
PID 2280 wrote to memory of 2380	2280	70a287ef1f52b3c325a7f05e1a9f725b.exe	28

C:\Users\Admin\AppData\Local\Temp\70a287ef1f52b3c325a7f05e1a9f725b.exe
"C:\Users\Admin\AppData\Local\Temp\70a287ef1f52b3c325a7f05e1a9f725b.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2280
- C:\Users\Admin\AppData\Local\Temp\70a287ef1f52b3c325a7f05e1a9f725b.exe
  "C:\Users\Admin\AppData\Local\Temp\70a287ef1f52b3c325a7f05e1a9f725b.exe"
  2⤵
  PID:2380

memory/2380-0-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2380-2-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2380-4-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2380-6-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2380-8-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2380-10-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2380-12-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2380-13-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/2380-14-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download