ae0d719fbed2ae7900bfe4ae4beec35327bb363a6af5aad344d14804e1cfad06

Analysis

max time kernel
142s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
24-01-2024 10:26

Target

71fd0b9614ae37a9d1f05b0f7843059f.exe
Size

104KB
MD5

71fd0b9614ae37a9d1f05b0f7843059f
SHA1

d74a5359905aa961b2c937c0b61b2cf012876117
SHA256

ae0d719fbed2ae7900bfe4ae4beec35327bb363a6af5aad344d14804e1cfad06
SHA512

167741c0e14e94a6e8295168763b0dcefa9495ec57256d17e72df45f419419c65f7f1bb25a6bc22646bfa25ad6c8e9efff899c3ddeefeb89bd088dd409651ed5
SSDEEP

1536:EMltOCIIi8s5LeloMHga0kL0qj5SeZLPOUNVjJ6tVe1lzZevJBD:DY54v30qj5S/ud1PevJBD

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2988 wrote to memory of 3464	2988	71fd0b9614ae37a9d1f05b0f7843059f.exe	58
PID 2988 wrote to memory of 3464	2988	71fd0b9614ae37a9d1f05b0f7843059f.exe	58
PID 2988 wrote to memory of 3464	2988	71fd0b9614ae37a9d1f05b0f7843059f.exe	58
PID 2988 wrote to memory of 3464	2988	71fd0b9614ae37a9d1f05b0f7843059f.exe	58

memory/2988-0-0x00000000009C0000-0x00000000009FC000-memory.dmp

Filesize
240KB

Download
memory/2988-1-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2988-2-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download
memory/2988-3-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/2988-10-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/3464-4-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3464-5-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

Filesize
4KB

Download