55cee19d3911b1e57cb263df8b5b5df16f46f25dfe29913ef54e49c7ff33aef2

Analysis

max time kernel
118s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
18-03-2024 14:46

Target

d3c64b2a88b5ec0b2589c30f3d850440.exe
Size

60KB
MD5

d3c64b2a88b5ec0b2589c30f3d850440
SHA1

6ee27eea2848e91534fd67741edc59f555ab38e8
SHA256

55cee19d3911b1e57cb263df8b5b5df16f46f25dfe29913ef54e49c7ff33aef2
SHA512

6a70ed9800353675f38bcae2e659ea597a981a605643f43c7829269b59ff2bf8610d0d8b74a5f1ba6b032301bf216bda9a5d94b896f85cbab77d0b6b7812eccc
SSDEEP

1536:Q5aXdw0qDtjOKxUHetlc52Uw2gtG8VHxVo89aXQ121+tHEXo:QItwXfrE5bd8VHxfsQ1xtHmo

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2728 set thread context of 2888	2728	d3c64b2a88b5ec0b2589c30f3d850440.exe	28

Suspicious behavior: EnumeratesProcesses 3 IoCs

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2728 wrote to memory of 2888	2728	d3c64b2a88b5ec0b2589c30f3d850440.exe	28
PID 2728 wrote to memory of 2888	2728	d3c64b2a88b5ec0b2589c30f3d850440.exe	28
PID 2728 wrote to memory of 2888	2728	d3c64b2a88b5ec0b2589c30f3d850440.exe	28
PID 2728 wrote to memory of 2888	2728	d3c64b2a88b5ec0b2589c30f3d850440.exe	28
PID 2728 wrote to memory of 2888	2728	d3c64b2a88b5ec0b2589c30f3d850440.exe	28
PID 2728 wrote to memory of 2888	2728	d3c64b2a88b5ec0b2589c30f3d850440.exe	28
PID 2728 wrote to memory of 2888	2728	d3c64b2a88b5ec0b2589c30f3d850440.exe	28
PID 2888 wrote to memory of 1208	2888	d3c64b2a88b5ec0b2589c30f3d850440.exe	21
PID 2888 wrote to memory of 1208	2888	d3c64b2a88b5ec0b2589c30f3d850440.exe	21
PID 2888 wrote to memory of 1208	2888	d3c64b2a88b5ec0b2589c30f3d850440.exe	21
PID 2888 wrote to memory of 1208	2888	d3c64b2a88b5ec0b2589c30f3d850440.exe	21

memory/1208-11-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

Filesize
28KB

Download
memory/1208-14-0x000000007EFD0000-0x000000007EFD1000-memory.dmp

Filesize
4KB

Download
memory/2888-0-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2888-2-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2888-4-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2888-8-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2888-9-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2888-10-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/2888-23-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2888-25-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download