bf50f3c601ca2f7fb5218124daeaf4b8c3a9ec8fbc72cf50992b18f08a139f44

Analysis

max time kernel
5s
max time network
2s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
28-03-2024 15:08

Target

arcloader.exe
Size

619KB
MD5

8a7d53912412eb717504a2ac4a45acec
SHA1

aa290efb150a0dabc246cb0fa7712a575db581bf
SHA256

bf50f3c601ca2f7fb5218124daeaf4b8c3a9ec8fbc72cf50992b18f08a139f44
SHA512

de2839f5bdc91391abb8ffd4e6609eb8aa900dbaa1bb8dd874c8998110836383b7a921ba8daa1adcce3f6602029c3dd74c10d1e5bf1029b2bf868e46d782451b
SSDEEP

6144:g9mH7n97hKU1N+Z5JWYiEuJyIWsREyHEyKwPnqbnUKE9CLPI9KVtq4okclY2fU:MmH7Kd1pNRsuyHETwSbUKFLvtq4R

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2364 set thread context of 2176	2364	arcloader.exe	29

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2596	2176	WerFault.exe	29

Suspicious use of WriteProcessMemory 17 IoCs

description	pid	Process	procid_target
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2364 wrote to memory of 2176	2364	arcloader.exe	29
PID 2176 wrote to memory of 2596	2176	RegAsm.exe	30
PID 2176 wrote to memory of 2596	2176	RegAsm.exe	30
PID 2176 wrote to memory of 2596	2176	RegAsm.exe	30
PID 2176 wrote to memory of 2596	2176	RegAsm.exe	30

memory/2176-8-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2176-4-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2176-6-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2176-7-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2176-9-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2176-10-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2176-12-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2176-15-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2176-17-0x0000000000400000-0x0000000000448000-memory.dmp

Filesize
288KB

Download
memory/2364-0-0x0000000000F00000-0x0000000000F9C000-memory.dmp

Filesize
624KB

Download
memory/2364-5-0x00000000024F0000-0x00000000044F0000-memory.dmp

Filesize
32.0MB

Download
memory/2364-1-0x0000000074550000-0x0000000074C3E000-memory.dmp

Filesize
6.9MB

Download
memory/2364-16-0x0000000074550000-0x0000000074C3E000-memory.dmp

Filesize
6.9MB

Download