8fae409b89daf9f7b48033202974c038c752bef22cf865c4146ffdb30661cdd8

Analysis

max time kernel
144s
max time network
148s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
24/01/2024, 20:58

Target

72d76b7483362b17aeece6a2a5ad45d8.exe
Size

317KB
MD5

72d76b7483362b17aeece6a2a5ad45d8
SHA1

c8b9feed6508e5becf0eda21f749a1efbcdf6c72
SHA256

8fae409b89daf9f7b48033202974c038c752bef22cf865c4146ffdb30661cdd8
SHA512

c747ebbeb22a33b6f84beccbc0124440cbb77b72636bcb32f5686357274c7cf927bbd4c06a649abfd9dd4f924756c950bfc42dc02b571f8cfebaf7d3bc0da783
SSDEEP

6144:x/zf1vkWdwtYJml8waoBclJIXTE1Fysja+Gy1xSsBeDI8S:5NvkWit8w27Ijz47xEDA

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4172 set thread context of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 4172 wrote to memory of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88
PID 4172 wrote to memory of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88
PID 4172 wrote to memory of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88
PID 4172 wrote to memory of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88
PID 4172 wrote to memory of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88
PID 4172 wrote to memory of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88
PID 4172 wrote to memory of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88
PID 4172 wrote to memory of 1924	4172	72d76b7483362b17aeece6a2a5ad45d8.exe	88

C:\Users\Admin\AppData\Local\Temp\72d76b7483362b17aeece6a2a5ad45d8.exe
"C:\Users\Admin\AppData\Local\Temp\72d76b7483362b17aeece6a2a5ad45d8.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:4172
- C:\Users\Admin\AppData\Local\Temp\72d76b7483362b17aeece6a2a5ad45d8.exe
  "C:\Users\Admin\AppData\Local\Temp\72d76b7483362b17aeece6a2a5ad45d8.exe"
  2⤵
  PID:1924

memory/1924-1-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/1924-4-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/1924-5-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/1924-6-0x0000000000400000-0x0000000000444000-memory.dmp

Filesize
272KB

Download
memory/4172-0-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download
memory/4172-2-0x0000000000400000-0x0000000000459000-memory.dmp

Filesize
356KB

Download