a1fd9e1a091ecef54ea453a68964a77a498d7ec32f974b637e555e791b915e19

Analysis

max time kernel
145s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20240221-en
resource tags

arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
submitted
25/02/2024, 07:45

Target

a33e4d428cd7db148dbe7ca1fdfede2f.exe
Size

56KB
MD5

a33e4d428cd7db148dbe7ca1fdfede2f
SHA1

536b013ce90441064631252a82941c000d3c3cdc
SHA256

a1fd9e1a091ecef54ea453a68964a77a498d7ec32f974b637e555e791b915e19
SHA512

96ad6d41622dece12803f9e67a798c2bdac6071625701a4aa26e3d68daa6aac2df83ed5b7f1db884717f2c3c3812c9008b73930a883826af30d6c0e7bcd4a9b3
SSDEEP

1536:kZ/nEkh8OTKNqQi+BcN5fKgWmkt2RkRe8qA:axhTKNLi3fWsRkRenA

Score

1^/10

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2164 wrote to memory of 3620	2164	a33e4d428cd7db148dbe7ca1fdfede2f.exe	30
PID 2164 wrote to memory of 3620	2164	a33e4d428cd7db148dbe7ca1fdfede2f.exe	30
PID 2164 wrote to memory of 3620	2164	a33e4d428cd7db148dbe7ca1fdfede2f.exe	30
PID 2164 wrote to memory of 3620	2164	a33e4d428cd7db148dbe7ca1fdfede2f.exe	30

memory/2164-0-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2164-1-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/2164-7-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2164-8-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/3620-3-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3620-4-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

Filesize
4KB

Download