e25cea03b9a18d1c3e9179d7bb0ef7eee5b10dec80ef50e07599f7ae92223d05

Resubmissions

09/03/2024, 07:00

09/03/2024, 06:56

09/03/2024, 06:54

max time kernel
121s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
09/03/2024, 06:54

Target

OrangeWare BETA.exe
Size

605KB
MD5

5c45ec1854de2fab9b7c6b24e5bc5a58
SHA1

12d3e02b9391aab1b22d76eab1c87497bcbd51f0
SHA256

e25cea03b9a18d1c3e9179d7bb0ef7eee5b10dec80ef50e07599f7ae92223d05
SHA512

11a6e38aa2e402a00e79abf0f6175428bee3350f1d3a88009b39fc036216a74f2e75d80396930b5dee4e293d4c3e984bc1986913ded6033a6c372bf4d1099563
SSDEEP

6144:MX+wg3G5Q1IAZKSppJpjlYN0jqzMQPwmEykjNNAC0z4G7ennOJ4ZDvdQlTzI8Oxv:MXbg3FIoxPu08MQPwTACK5enTZDvgT1

Score

1^/10

Suspicious use of WriteProcessMemory 9 IoCs

description	pid	Process	procid_target
PID 2340 wrote to memory of 1612	2340	OrangeWare BETA.exe	29
PID 2340 wrote to memory of 1612	2340	OrangeWare BETA.exe	29
PID 2340 wrote to memory of 1612	2340	OrangeWare BETA.exe	29
PID 2340 wrote to memory of 2496	2340	OrangeWare BETA.exe	30
PID 2340 wrote to memory of 2496	2340	OrangeWare BETA.exe	30
PID 2340 wrote to memory of 2496	2340	OrangeWare BETA.exe	30
PID 2340 wrote to memory of 2996	2340	OrangeWare BETA.exe	31
PID 2340 wrote to memory of 2996	2340	OrangeWare BETA.exe	31
PID 2340 wrote to memory of 2996	2340	OrangeWare BETA.exe	31

C:\Users\Admin\AppData\Local\Temp\OrangeWare BETA.exe
"C:\Users\Admin\AppData\Local\Temp\OrangeWare BETA.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2340
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1612
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2496
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2996