4dbfd31f6cabd450ee406f20e50ff50385d52312d0c191afbbec8fa4a7b135e0

Analysis

max time kernel
122s
max time network
125s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25-01-2024 16:47

Target

750170ed877c0af0dd952a305033df15.exe
Size

797KB
MD5

750170ed877c0af0dd952a305033df15
SHA1

042de3991916afb008186af0007717988273c8ee
SHA256

4dbfd31f6cabd450ee406f20e50ff50385d52312d0c191afbbec8fa4a7b135e0
SHA512

1f31a9e06d3380e5abd697fc1449cf51cf45a1635f4000fa771318a59693360e7bd4090208f1349375411fbc5233e7016dfa57abe4830812f40e2821249059f1
SSDEEP

24576:7zXKqa8SEijjC+37li4damB70yqdNJkxG:7z6qaakjC+3s4daaDqdNJt

Score

7^/10

Executes dropped EXE 1 IoCs

Processes:

cbeaghwudpruk.exe

pid process

1160 cbeaghwudpruk.exe
Loads dropped DLL 1 IoCs

Processes:

750170ed877c0af0dd952a305033df15.exe

pid process

2060 750170ed877c0af0dd952a305033df15.exe
Drops file in Program Files directory 1 IoCs

Processes:

750170ed877c0af0dd952a305033df15.exe

description ioc process

File created C:\Program Files (x86)\ikic\cbeaghwudpruk.exe 750170ed877c0af0dd952a305033df15.exe

pid	process
1160	cbeaghwudpruk.exe

pid	process
2060	750170ed877c0af0dd952a305033df15.exe

description	ioc	process
File created	C:\Program Files (x86)\ikic\cbeaghwudpruk.exe	750170ed877c0af0dd952a305033df15.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

750170ed877c0af0dd952a305033df15.exe

description	pid	process	target process
PID 2060 wrote to memory of 1160	2060	750170ed877c0af0dd952a305033df15.exe	cbeaghwudpruk.exe
PID 2060 wrote to memory of 1160	2060	750170ed877c0af0dd952a305033df15.exe	cbeaghwudpruk.exe
PID 2060 wrote to memory of 1160	2060	750170ed877c0af0dd952a305033df15.exe	cbeaghwudpruk.exe
PID 2060 wrote to memory of 1160	2060	750170ed877c0af0dd952a305033df15.exe	cbeaghwudpruk.exe

C:\Program Files (x86)\ikic\cbeaghwudpruk.exe
"C:\Program Files (x86)\ikic\cbeaghwudpruk.exe"
2⤵
- Executes dropped EXE
PID:1160

\Program Files (x86)\ikic\cbeaghwudpruk.exe
Filesize
812KB

MD5
bdf97a1050e4aa4a41b8c3cebd978941

SHA1
9258037a4732f4644eb2879e29cdc2f19e364a57

SHA256
f47b6603f3f84212c2bafa07218e51f1b8c0bab5d563589e9412f3c2836f4c93

SHA512
458dc8df8595a1a67c0f74a7ac9780a94cbc9fac0b4869af0e60090a8f0c7fd14200181404cff6beb05081d24490eee838703f9de96108abbe99514ecd42a54e

Download Submit
memory/1160-9-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/1160-10-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/2060-0-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/2060-1-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/2060-6-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download