bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9

Analysis

max time kernel
120s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25/04/2024, 02:48

Target

bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe
Size

765KB
MD5

111a71fb5c4146aedab7ef82ee65ff9e
SHA1

7d13ad097ac1ff48956780b1c367c48139a3f4a5
SHA256

bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9
SHA512

f79d58ba69f911fdc8a00575ad495a532d687a2e26b3836a3eab276911adc82c59d5141e0da0eada8afba9c85d74090e2f7fb706685b823515653fd0804bc0cd
SSDEEP

12288:oI2iNXxPga6O7fCIpmCVcyaERR/NEAO15ykGS6uPr33k5c:oI1PPgmKqSZ8/NEAe5LGRir336

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2192 set thread context of 2984	2192	bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe	28

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2192 wrote to memory of 2984	2192	bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe	28
PID 2192 wrote to memory of 2984	2192	bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe	28
PID 2192 wrote to memory of 2984	2192	bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe	28
PID 2192 wrote to memory of 2984	2192	bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe	28

C:\Users\Admin\AppData\Local\Temp\bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe
"C:\Users\Admin\AppData\Local\Temp\bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2192
- C:\Users\Admin\AppData\Local\Temp\bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe
  C:\Users\Admin\AppData\Local\Temp\bb7b0861f93da2461b84546e0702d9c628b49f429b7e483284093f542b4113e9.exe
  2⤵
  PID:2984

memory/2192-0-0x000000013F140000-0x000000013F204000-memory.dmp

Filesize
784KB

Download
memory/2192-1-0x000007FEF51F0000-0x000007FEF5BDC000-memory.dmp

Filesize
9.9MB

Download
memory/2192-2-0x000000001B8E0000-0x000000001B960000-memory.dmp

Filesize
512KB

Download
memory/2192-3-0x0000000000690000-0x00000000006AC000-memory.dmp

Filesize
112KB

Download
memory/2192-4-0x00000000007C0000-0x00000000007D6000-memory.dmp

Filesize
88KB

Download
memory/2192-5-0x00000000007E0000-0x00000000007F4000-memory.dmp

Filesize
80KB

Download
memory/2192-6-0x000000001BEC0000-0x000000001BF40000-memory.dmp

Filesize
512KB

Download
memory/2192-10-0x000007FEF51F0000-0x000007FEF5BDC000-memory.dmp

Filesize
9.9MB

Download
memory/2984-7-0x000007FFFFFDF000-0x000007FFFFFE0000-memory.dmp

Filesize
4KB

Download