e0c323c48aaec3bf5f1397d8929b8ae727f2dac20a48215e10b3b754a1995a15

Analysis

max time kernel
137s
max time network
163s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
24-02-2024 21:07

Target

a2c15fc027723de315fadd0f7b16984e.exe
Size

233KB
MD5

a2c15fc027723de315fadd0f7b16984e
SHA1

921488fbc3a6f16acb20d2799336c34779a88dde
SHA256

e0c323c48aaec3bf5f1397d8929b8ae727f2dac20a48215e10b3b754a1995a15
SHA512

d8f0b4f5a69ec960c19cf5d5090973e86a08a28dad02b671bfd9f868fff6fa13a60973c422dfc719409b048b4046de5333b4a7b66dca0632169e91da49e04542
SSDEEP

3072:qqazJDkKwwRMlmvKCKra8OA/xR11d34rIpUdc6aGy/VXx1pJRFMczcXNvMs3:Y5txRMgpKrrf/xR11F4rldLShMczgOs3

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

Processes:

a2c15fc027723de315fadd0f7b16984e.exe

description pid process target process

PID 2056 set thread context of 572 2056 a2c15fc027723de315fadd0f7b16984e.exe a2c15fc027723de315fadd0f7b16984e.exe

description	pid	process	target process
PID 2056 set thread context of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe

Suspicious use of WriteProcessMemory 8 IoCs

Processes:

a2c15fc027723de315fadd0f7b16984e.exe

description	pid	process	target process
PID 2056 wrote to memory of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe
PID 2056 wrote to memory of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe
PID 2056 wrote to memory of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe
PID 2056 wrote to memory of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe
PID 2056 wrote to memory of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe
PID 2056 wrote to memory of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe
PID 2056 wrote to memory of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe
PID 2056 wrote to memory of 572	2056	a2c15fc027723de315fadd0f7b16984e.exe	a2c15fc027723de315fadd0f7b16984e.exe

C:\Users\Admin\AppData\Local\Temp\a2c15fc027723de315fadd0f7b16984e.exe
"C:\Users\Admin\AppData\Local\Temp\a2c15fc027723de315fadd0f7b16984e.exe"
2⤵
PID:572

memory/572-2-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/572-4-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/572-5-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/572-6-0x0000000000400000-0x0000000000427000-memory.dmp

Filesize
156KB

Download
memory/2056-0-0x00000000005C0000-0x00000000005C8000-memory.dmp

Filesize
32KB

Download
memory/2056-1-0x00000000005C0000-0x00000000005C8000-memory.dmp

Filesize
32KB

Download