7a422de8dd160ad4a9a581c7c153159e5bb292a72ad1079b7d9a25b01ae9d2a7

Analysis

max time kernel
92s
max time network
122s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
03-02-2024 07:04

Target

8bb472397c62780314c21caca9e3e833.exe
Size

144KB
MD5

8bb472397c62780314c21caca9e3e833
SHA1

29172fd8895e800aff01f5b5dca4738e3e750f88
SHA256

7a422de8dd160ad4a9a581c7c153159e5bb292a72ad1079b7d9a25b01ae9d2a7
SHA512

44d6ed0ec6f01431aca90ddceaff5318de8f7a45dadcadbbae7b98e2decdf338d3dff66799aadaa9f9dd1c6a19e584e2fcf78f3c864543086f64827327811c25
SSDEEP

3072:h5PDyUGll2gb3B02hyNK7D6zdw3+P+kdMTpd1j:I1

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2212 set thread context of 4660	2212	8bb472397c62780314c21caca9e3e833.exe	84

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2212	8bb472397c62780314c21caca9e3e833.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2212 wrote to memory of 4660	2212	8bb472397c62780314c21caca9e3e833.exe	84
PID 2212 wrote to memory of 4660	2212	8bb472397c62780314c21caca9e3e833.exe	84
PID 2212 wrote to memory of 4660	2212	8bb472397c62780314c21caca9e3e833.exe	84
PID 2212 wrote to memory of 4660	2212	8bb472397c62780314c21caca9e3e833.exe	84
PID 2212 wrote to memory of 4660	2212	8bb472397c62780314c21caca9e3e833.exe	84
PID 2212 wrote to memory of 4660	2212	8bb472397c62780314c21caca9e3e833.exe	84
PID 2212 wrote to memory of 4660	2212	8bb472397c62780314c21caca9e3e833.exe	84

C:\Users\Admin\AppData\Local\Temp\8bb472397c62780314c21caca9e3e833.exe
"C:\Users\Admin\AppData\Local\Temp\8bb472397c62780314c21caca9e3e833.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2212
- C:\Users\Admin\AppData\Local\Temp\8bb472397c62780314c21caca9e3e833.exe
  C:\Users\Admin\AppData\Local\Temp\8bb472397c62780314c21caca9e3e833.exe
  2⤵
  PID:4660

memory/4660-2-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4660-5-0x0000000000400000-0x00000000004083A0-memory.dmp

Filesize
32KB

Download
memory/4660-4-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4660-6-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4660-7-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download