d5fd4bbb8a4e7c67a02410b0ffdea75d9752115b1509e6b1943423fd12c42a78

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 17:35

Target

751b9f800623a95400199b9b2764eb00.exe
Size

94KB
MD5

751b9f800623a95400199b9b2764eb00
SHA1

7c39cc186c5771cb62e97459b09c4785a371f5a7
SHA256

d5fd4bbb8a4e7c67a02410b0ffdea75d9752115b1509e6b1943423fd12c42a78
SHA512

055fa43f426610dd9f3d2d556648fdbfaee363235fa24a3da052652aa34f7c251002c2a06ab2997665c4928d8acdaf9f787aa1f1155ebddaff3a17b03e02c9e1
SSDEEP

1536:rNcsNM1tBy+GlxfnXgS2kdn6Pj3tXcGfSy9fhGt4ALiPGriKlX:rNBNclGTfnX8k8j3tXcGfSShHALi8J

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

Processes:

751b9f800623a95400199b9b2764eb00.exe

description pid process target process

PID 2416 set thread context of 2124 2416 751b9f800623a95400199b9b2764eb00.exe 751b9f800623a95400199b9b2764eb00.exe
Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes:

751b9f800623a95400199b9b2764eb00.exe

pid process

2124 751b9f800623a95400199b9b2764eb00.exe

description	pid	process	target process
PID 2416 set thread context of 2124	2416	751b9f800623a95400199b9b2764eb00.exe	751b9f800623a95400199b9b2764eb00.exe

pid	process
2124	751b9f800623a95400199b9b2764eb00.exe

Suspicious use of WriteProcessMemory 13 IoCs

Processes:

751b9f800623a95400199b9b2764eb00.exe751b9f800623a95400199b9b2764eb00.exe

description	pid	process	target process
PID 2416 wrote to memory of 2124	2416	751b9f800623a95400199b9b2764eb00.exe	751b9f800623a95400199b9b2764eb00.exe
PID 2416 wrote to memory of 2124	2416	751b9f800623a95400199b9b2764eb00.exe	751b9f800623a95400199b9b2764eb00.exe
PID 2416 wrote to memory of 2124	2416	751b9f800623a95400199b9b2764eb00.exe	751b9f800623a95400199b9b2764eb00.exe
PID 2416 wrote to memory of 2124	2416	751b9f800623a95400199b9b2764eb00.exe	751b9f800623a95400199b9b2764eb00.exe
PID 2416 wrote to memory of 2124	2416	751b9f800623a95400199b9b2764eb00.exe	751b9f800623a95400199b9b2764eb00.exe
PID 2416 wrote to memory of 2124	2416	751b9f800623a95400199b9b2764eb00.exe	751b9f800623a95400199b9b2764eb00.exe
PID 2416 wrote to memory of 2124	2416	751b9f800623a95400199b9b2764eb00.exe	751b9f800623a95400199b9b2764eb00.exe
PID 2124 wrote to memory of 1196	2124	751b9f800623a95400199b9b2764eb00.exe	Explorer.EXE
PID 2124 wrote to memory of 1196	2124	751b9f800623a95400199b9b2764eb00.exe	Explorer.EXE
PID 2124 wrote to memory of 1196	2124	751b9f800623a95400199b9b2764eb00.exe	Explorer.EXE
PID 2124 wrote to memory of 1196	2124	751b9f800623a95400199b9b2764eb00.exe	Explorer.EXE
PID 2124 wrote to memory of 1196	2124	751b9f800623a95400199b9b2764eb00.exe	Explorer.EXE
PID 2124 wrote to memory of 1196	2124	751b9f800623a95400199b9b2764eb00.exe	Explorer.EXE

memory/1196-11-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

Filesize
4KB

Download
memory/1196-17-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

Filesize
24KB

Download
memory/2124-0-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2124-2-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2124-4-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2124-5-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2124-7-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2124-8-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2124-9-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/2124-29-0x0000000000400000-0x000000000040B000-memory.dmp

Filesize
44KB

Download
memory/2124-31-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download