be605fe93c51b403b463ba811258489e0428026ec05554f6cbd52b0925ab79c5

Resubmissions

29/01/2024, 02:44

29/01/2024, 02:39

max time kernel
32s
max time network
18s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
29/01/2024, 02:39

Target

Fichero Análsis 1.exe
Size

52KB
MD5

e2bf42217a67e46433da8b6f4507219e
SHA1

daf263702f11dc0430d30f9bf443e7885cf91fcb
SHA256

ae8a1c7eb64c42ea2a04f97523ebf0844c27029eb040d910048b680f884b9dce
SHA512

827ce1460954d1d75f66cee11e0277e295aa6a4b4e6ac2f2f5f20ef2107dbe6dcfa0cb771fb9dd75e4157bd4830fd82ed719732a6318e7f48172ae4342391d6d
SSDEEP

384:WFVmdLgy5rg8g3SRrmlmwTwJrgmoS+GFbenP56cbwRG10IOp2n40iFLcH:GX4g8LRjhgmoDGFyP3+zb4nGY

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1700 set thread context of 2744	1700	Fichero Análsis 1.exe	29

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29
PID 1700 wrote to memory of 2744	1700	Fichero Análsis 1.exe	29

C:\Users\Admin\AppData\Local\Temp\Fichero Análsis 1.exe
"C:\Users\Admin\AppData\Local\Temp\Fichero Análsis 1.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:1700
- C:\Windows\SysWOW64\svchost.exe
  "C:\Windows\system32\svchost.exe"
  2⤵
  PID:2744

memory/2744-0-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2744-2-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2744-4-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2744-6-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download
memory/2744-8-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2744-10-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download