2fb3da959196da5f5972b40e0e7a57571a42f4972a57f586d43318caedcde56d

Analysis

max time kernel
140s
max time network
120s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
27-01-2024 06:54

Target

041f11543edf5591a8fb7b0037e3d115.exe
Size

1.3MB
MD5

041f11543edf5591a8fb7b0037e3d115
SHA1

ee5fb2448d4437c2eaefdfb7cac13a0a2162a775
SHA256

2fb3da959196da5f5972b40e0e7a57571a42f4972a57f586d43318caedcde56d
SHA512

3e3e5634cb560178ec75b2a74a92a9bbacedf53f046491ebf9e2d7849b1b1ea5327cf9e8e3cc2ffc3938ca12d6ab281ae466b4446c2b338fa35976ef6f5b83c4
SSDEEP

24576:6H4G8P8VYqjxxT6qZk1rFrXc0lLF5HskwGpLF2:1G8P8VcrlcwLXPpL8

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

Processes:

041f11543edf5591a8fb7b0037e3d115.exe

description	pid	Process	procid_target
PID 1740 set thread context of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28

Suspicious use of WriteProcessMemory 12 IoCs

Processes:

041f11543edf5591a8fb7b0037e3d115.exe041f11543edf5591a8fb7b0037e3d115.exe

description	pid	Process	procid_target
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1740 wrote to memory of 1572	1740	041f11543edf5591a8fb7b0037e3d115.exe	28
PID 1572 wrote to memory of 2772	1572	041f11543edf5591a8fb7b0037e3d115.exe	29
PID 1572 wrote to memory of 2772	1572	041f11543edf5591a8fb7b0037e3d115.exe	29
PID 1572 wrote to memory of 2772	1572	041f11543edf5591a8fb7b0037e3d115.exe	29

memory/1572-17-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-0-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-25-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-4-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-8-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-11-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-23-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-14-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-20-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-21-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1572-24-0x0000000140000000-0x0000000140030000-memory.dmp

Filesize
192KB

Download
memory/1740-22-0x0000000001BA0000-0x0000000001BF3000-memory.dmp

Filesize
332KB

Download
memory/1740-3-0x0000000000200000-0x000000000024E000-memory.dmp

Filesize
312KB

Download
memory/1740-5-0x0000000001BA0000-0x0000000001BF3000-memory.dmp

Filesize
332KB

Download