75b7fef7f8a5dc6e0e57c8b070fac59f896d0ddbb17605d8ca20a56c4d51244a

Analysis

max time kernel
20s
max time network
121s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
27/04/2024, 04:34

Target

EOD-AIO.exe
Size

23.4MB
MD5

9e0e558fec8d96770cea6bf71cebe6ed
SHA1

e31be4a323d010337d83c28568e36ab663256543
SHA256

75b7fef7f8a5dc6e0e57c8b070fac59f896d0ddbb17605d8ca20a56c4d51244a
SHA512

b1310c9f02b9de5e89eb3dfb88e278e255d72ec502175339157ca3e457309ab61fc335aee05d4c5cbd9c6e13ac8397bd74ad2c2bc2fcda6e1e1e121b3dde15ad
SSDEEP

393216:X3gPES17Al/jg3ani38EuAAcO2r71NsAVHcVylgWT4KlRjZDu1wTM:X30ESdApkK08Ei0rPseHc4GWMWlDu1

Score

5^/10

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
3048	EOD-AIO.exe
3048	EOD-AIO.exe

Delays execution with timeout.exe 1 IoCs

evasion

pid	Process
2384	timeout.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

Suspicious use of WriteProcessMemory 12 IoCs

description	pid	Process	procid_target
PID 3048 wrote to memory of 2644	3048	EOD-AIO.exe	29
PID 3048 wrote to memory of 2644	3048	EOD-AIO.exe	29
PID 3048 wrote to memory of 2644	3048	EOD-AIO.exe	29
PID 2644 wrote to memory of 2652	2644	cmd.exe	30
PID 2644 wrote to memory of 2652	2644	cmd.exe	30
PID 2644 wrote to memory of 2652	2644	cmd.exe	30
PID 2644 wrote to memory of 2820	2644	cmd.exe	31
PID 2644 wrote to memory of 2820	2644	cmd.exe	31
PID 2644 wrote to memory of 2820	2644	cmd.exe	31
PID 2644 wrote to memory of 2524	2644	cmd.exe	32
PID 2644 wrote to memory of 2524	2644	cmd.exe	32
PID 2644 wrote to memory of 2524	2644	cmd.exe	32

memory/3048-0-0x000000013F110000-0x00000001419DE000-memory.dmp

Filesize
40.8MB

Download
memory/3048-15-0x000000013F110000-0x00000001419DE000-memory.dmp

Filesize
40.8MB

Download
memory/3048-16-0x0000000077720000-0x00000000778C9000-memory.dmp

Filesize
1.7MB

Download
memory/3048-10-0x0000000077900000-0x0000000077902000-memory.dmp

Filesize
8KB

Download
memory/3048-17-0x0000000077720000-0x00000000778C9000-memory.dmp

Filesize
1.7MB

Download
memory/3048-8-0x0000000077900000-0x0000000077902000-memory.dmp

Filesize
8KB

Download
memory/3048-6-0x0000000077900000-0x0000000077902000-memory.dmp

Filesize
8KB

Download
memory/3048-5-0x00000000778D0000-0x00000000778D2000-memory.dmp

Filesize
8KB

Download
memory/3048-3-0x00000000778D0000-0x00000000778D2000-memory.dmp

Filesize
8KB

Download
memory/3048-1-0x00000000778D0000-0x00000000778D2000-memory.dmp

Filesize
8KB

Download
memory/3048-18-0x0000000077720000-0x00000000778C9000-memory.dmp

Filesize
1.7MB

Download
memory/3048-19-0x000000013F110000-0x00000001419DE000-memory.dmp

Filesize
40.8MB

Download
memory/3048-20-0x0000000077720000-0x00000000778C9000-memory.dmp

Filesize
1.7MB

Download