dc70356bfbafd144d3b94c45e360e6600eabe9b92ed094b739b14a1293cf9bb6

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/03/2024, 23:38

Target

dc70356bfbafd144d3b94c45e360e6600eabe9b92ed094b739b14a1293cf9bb6.exe
Size

79KB
MD5

aaf8578f545de24f61b9636310ba2277
SHA1

1e5d50a33e60fd05ba9da65fbaa10a115e5c4887
SHA256

dc70356bfbafd144d3b94c45e360e6600eabe9b92ed094b739b14a1293cf9bb6
SHA512

7cf75eacfb2c404350252925a6c30b3f4bc751cf07587d572ec16e8945b811dc11ede95d985eaa0fa11d1e74e2616054e394f0259372bef3d38ecf63f2541a81
SSDEEP

1536:zvXvQ623RLlw9AQrOQA8AkqUhMb2nuy5wgIP0CSJ+5y9B8GMGlZ5G:zv/q3RL69uGdqU7uy5w9WMy9N5G

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
4696	[email protected]

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 3984 wrote to memory of 4336	3984	dc70356bfbafd144d3b94c45e360e6600eabe9b92ed094b739b14a1293cf9bb6.exe	90
PID 3984 wrote to memory of 4336	3984	dc70356bfbafd144d3b94c45e360e6600eabe9b92ed094b739b14a1293cf9bb6.exe	90
PID 3984 wrote to memory of 4336	3984	dc70356bfbafd144d3b94c45e360e6600eabe9b92ed094b739b14a1293cf9bb6.exe	90
PID 4336 wrote to memory of 4696	4336	cmd.exe	91
PID 4336 wrote to memory of 4696	4336	cmd.exe	91
PID 4336 wrote to memory of 4696	4336	cmd.exe	91

C:\Users\Admin\AppData\Local\Temp\dc70356bfbafd144d3b94c45e360e6600eabe9b92ed094b739b14a1293cf9bb6.exe
"C:\Users\Admin\AppData\Local\Temp\dc70356bfbafd144d3b94c45e360e6600eabe9b92ed094b739b14a1293cf9bb6.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3984
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c [email protected]
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:4336
- - C:\Users\Admin\AppData\Local\Temp\[email protected]
    [email protected]
    3⤵
    - Executes dropped EXE
    PID:4696

C:\Users\Admin\AppData\Local\Temp\[email protected]

Filesize
79KB

MD5
415ee27097aac6f76664b9c4424e8ec4

SHA1
a51d555a57647caba8045fc2549e2a40fb48e3ed

SHA256
2ecdad0daea864476afc479639cbef73bfd8ce5dc63284840aa3f0bf88664f05

SHA512
ce0983ea6a4d7b1772ded24b7a60035ff35d2fe5da312324913b2adb0ca4a567c14cc04055064e61bdeca86ac5c8f7f47aa276ef63a66a711a0494e8f643a773

Download Submit
memory/3984-6-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download
memory/4696-5-0x0000000000400000-0x000000000041B000-memory.dmp

Filesize
108KB

Download