e692a40ce6bb31a36d3e11af1d444e251a8a3066b5919b28e6b36f4a1f99669a

Analysis

max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
09/03/2024, 22:03

Target

bcea657ccf969ab7e3459d6d019f390d.exe
Size

912KB
MD5

bcea657ccf969ab7e3459d6d019f390d
SHA1

172287d475a236484c227d152a69dd5ee2ae7af5
SHA256

e692a40ce6bb31a36d3e11af1d444e251a8a3066b5919b28e6b36f4a1f99669a
SHA512

aba8ee582bd96b39298bd362995359b3d7f51ae21271865fc04520b62b80343bb5b8c6a11b9212f4dd4cc30b8fd6c17943e2e8e54604879a91b037852d3bd658
SSDEEP

24576:qKeyxTAJj7P+yjUr78DpyW6BdUxDAMZvFbcprQijnWnthRO:qKeyRA0yQP8DpyW6YxbhcrQijUbk

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2504	k.exe

Loads dropped DLL 1 IoCs

pid	Process
2252	bcea657ccf969ab7e3459d6d019f390d.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\jaind\k.exe	bcea657ccf969ab7e3459d6d019f390d.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2252 wrote to memory of 2504	2252	bcea657ccf969ab7e3459d6d019f390d.exe	28
PID 2252 wrote to memory of 2504	2252	bcea657ccf969ab7e3459d6d019f390d.exe	28
PID 2252 wrote to memory of 2504	2252	bcea657ccf969ab7e3459d6d019f390d.exe	28
PID 2252 wrote to memory of 2504	2252	bcea657ccf969ab7e3459d6d019f390d.exe	28

C:\Users\Admin\AppData\Local\Temp\bcea657ccf969ab7e3459d6d019f390d.exe
"C:\Users\Admin\AppData\Local\Temp\bcea657ccf969ab7e3459d6d019f390d.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of WriteProcessMemory
PID:2252
- C:\Program Files (x86)\jaind\k.exe
  "C:\Program Files (x86)\jaind\k.exe"
  2⤵
  - Executes dropped EXE
  PID:2504

\Program Files (x86)\jaind\k.exe

Filesize
922KB

MD5
70abe1af0660de076fe0f1021a2bb5ed

SHA1
4448b5831776dd86623dddbe0cb9f34aa522c895

SHA256
802643f9865b00ae522a5e6b7f6f4565daa2285bf8a80c8539648960324fe8fc

SHA512
0fdab749c94e50337025543fcb611451d56fcc54dcef2983f889b1568a792e1cd4de97b729ba8d6a9ac587ad4a0c5a9c3f800af1d2395088333f177b12d55735

Download Submit
memory/2252-1-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/2252-0-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/2252-6-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/2504-9-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download
memory/2504-10-0x0000000000400000-0x0000000000494000-memory.dmp

Filesize
592KB

Download