ce9fe3445ce5d26315da02bd35c48b840cef59281e58c16759656a80ab97d53b

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13/03/2024, 16:05

Target

c64c9d5ee6e547b411c44e8845ae7727.exe
Size

65KB
MD5

c64c9d5ee6e547b411c44e8845ae7727
SHA1

11ee4173189356da731b877ce896f42696d636c3
SHA256

ce9fe3445ce5d26315da02bd35c48b840cef59281e58c16759656a80ab97d53b
SHA512

3548f6830c3d0f17a53b92e142c7092e3257e5323cbac2e08f0818d4a6344aaa8d384b216115363ca99018ad6e3f98293ba0c4f1a29505b5e31a70741f3f8dd1
SSDEEP

1536:nYROMa0VtZCtBId4u/OR2gWCfChRwHwqsCQ:sZCtBImu/OkgZHwqBQ

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 1460 set thread context of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28

Suspicious use of WriteProcessMemory 10 IoCs

description	pid	Process	procid_target
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28
PID 1460 wrote to memory of 2240	1460	c64c9d5ee6e547b411c44e8845ae7727.exe	28

C:\Users\Admin\AppData\Local\Temp\c64c9d5ee6e547b411c44e8845ae7727.exe
"C:\Users\Admin\AppData\Local\Temp\c64c9d5ee6e547b411c44e8845ae7727.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:1460
- C:\Users\Admin\AppData\Local\Temp\c64c9d5ee6e547b411c44e8845ae7727.exe
  "C:\Users\Admin\AppData\Local\Temp\c64c9d5ee6e547b411c44e8845ae7727.exe"
  2⤵
  PID:2240

memory/1460-13-0x0000000000510000-0x0000000000527000-memory.dmp

Filesize
92KB

Download
memory/2240-0-0x0000000000350000-0x000000000035D000-memory.dmp

Filesize
52KB

Download
memory/2240-1-0x0000000000350000-0x000000000035D000-memory.dmp

Filesize
52KB

Download
memory/2240-2-0x0000000000350000-0x000000000035D000-memory.dmp

Filesize
52KB

Download
memory/2240-4-0x0000000000350000-0x000000000035D000-memory.dmp

Filesize
52KB

Download
memory/2240-6-0x0000000000350000-0x000000000035D000-memory.dmp

Filesize
52KB

Download
memory/2240-8-0x0000000000350000-0x000000000035D000-memory.dmp

Filesize
52KB

Download
memory/2240-9-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download