d39af16a09c33b6833fb62d9f599ee97d44854c9570de6a87dc3645bc640fa1e

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2024, 23:23

Target

d39af16a09c33b6833fb62d9f599ee97d44854c9570de6a87dc3645bc640fa1e.exe
Size

79KB
MD5

6713d254e9ad8c480e9d9c06c2fa8923
SHA1

a391dc0f7f481a823e8354185da5cfa919eb0d5b
SHA256

d39af16a09c33b6833fb62d9f599ee97d44854c9570de6a87dc3645bc640fa1e
SHA512

70f953d1f0bbf62c33f21a5fd4621295a5a56c0e447e0c1fe06acc75e36474edc0440c66fce45bac2071beed063fa5d36e66291599ce0f9bf576d8bbc398d5bf
SSDEEP

1536:zvoO0/7E2BzTQTFOQA8AkqUhMb2nuy5wgIP0CSJ+5y1B8GMGlZ5G:zvL0/Y2lTQTcGdqU7uy5w9WMy1N5G

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
260	[email protected]

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2244 wrote to memory of 4532	2244	d39af16a09c33b6833fb62d9f599ee97d44854c9570de6a87dc3645bc640fa1e.exe	87
PID 2244 wrote to memory of 4532	2244	d39af16a09c33b6833fb62d9f599ee97d44854c9570de6a87dc3645bc640fa1e.exe	87
PID 2244 wrote to memory of 4532	2244	d39af16a09c33b6833fb62d9f599ee97d44854c9570de6a87dc3645bc640fa1e.exe	87
PID 4532 wrote to memory of 260	4532	cmd.exe	88
PID 4532 wrote to memory of 260	4532	cmd.exe	88
PID 4532 wrote to memory of 260	4532	cmd.exe	88

C:\Users\Admin\AppData\Local\Temp\d39af16a09c33b6833fb62d9f599ee97d44854c9570de6a87dc3645bc640fa1e.exe
"C:\Users\Admin\AppData\Local\Temp\d39af16a09c33b6833fb62d9f599ee97d44854c9570de6a87dc3645bc640fa1e.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2244
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c [email protected]
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4532
- - C:\Users\Admin\AppData\Local\Temp\[email protected]
    [email protected]
    3⤵
    - Executes dropped EXE
    PID:260

C:\Users\Admin\AppData\Local\Temp\[email protected]

Filesize
79KB

MD5
5b8f38d1c51108f1819447b6cb2ea674

SHA1
d314a8ec8f121d80bfcc3f60788312ffe5b8e98b

SHA256
4297e43dc473aa32a873967f63a781443024992e8d69fc69271889fdc698016a

SHA512
00b9b94fac93f359d768421ded2b03f79d4099297d57bb9e0bb19d77b1cb58be3702f9b1d9b44dfeb92b5bc527212885090897de81529e1c2e237e00ca9b9373

Download Submit
memory/260-5-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download
memory/2244-6-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download