904ce94f5e9aad4a0c3432071857db5cf787b8059a37ad2b7e9e3f4be5406655

Analysis

max time kernel
152s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10-03-2024 14:14

Target

becfe4901318441232f0ec4415f748db.exe
Size

175KB
MD5

becfe4901318441232f0ec4415f748db
SHA1

d56ca6f47ca026bb367aff92c5ccacf3ff169fb0
SHA256

904ce94f5e9aad4a0c3432071857db5cf787b8059a37ad2b7e9e3f4be5406655
SHA512

674549195b047d787c9c9fbe961cb142ef4d4c0321e9d969e1639e1e11dc97c1e4c3811dd84faf344c06f32584fca568de37a65df504cd76241082eee2a43817
SSDEEP

3072:mlOpMhGUjEWDw7yqKuZ+yQbDCaaCT6ocaHZgsfBBZdbM:kOcgWbLuHQvdlB5npBZO

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 3700 set thread context of 2900	3700	becfe4901318441232f0ec4415f748db.exe	97

Suspicious behavior: EnumeratesProcesses 4 IoCs

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3700	becfe4901318441232f0ec4415f748db.exe

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 3700 wrote to memory of 2900	3700	becfe4901318441232f0ec4415f748db.exe	97
PID 3700 wrote to memory of 2900	3700	becfe4901318441232f0ec4415f748db.exe	97
PID 3700 wrote to memory of 2900	3700	becfe4901318441232f0ec4415f748db.exe	97
PID 3700 wrote to memory of 2900	3700	becfe4901318441232f0ec4415f748db.exe	97
PID 3700 wrote to memory of 2900	3700	becfe4901318441232f0ec4415f748db.exe	97
PID 3700 wrote to memory of 2900	3700	becfe4901318441232f0ec4415f748db.exe	97
PID 3700 wrote to memory of 2900	3700	becfe4901318441232f0ec4415f748db.exe	97
PID 2900 wrote to memory of 3336	2900	becfe4901318441232f0ec4415f748db.exe	56
PID 2900 wrote to memory of 3336	2900	becfe4901318441232f0ec4415f748db.exe	56
PID 2900 wrote to memory of 3336	2900	becfe4901318441232f0ec4415f748db.exe	56
PID 2900 wrote to memory of 3336	2900	becfe4901318441232f0ec4415f748db.exe	56

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1328 --field-trial-handle=3060,i,1774866140584649235,8085848018931772189,262144 --variations-seed-version /prefetch:8
1⤵
PID:4132

memory/2900-3-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2900-5-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2900-6-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2900-8-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/2900-14-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/3336-9-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/3336-10-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

Filesize
4KB

Download
memory/3700-0-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download
memory/3700-7-0x0000000000400000-0x000000000045A000-memory.dmp

Filesize
360KB

Download