56dd3213eb13e5e521b3b04ad35af9d6e5579ce0253a76d177453e9cecac50f7

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 01:54

Target

RunPE.exe
Size

7.7MB
MD5

73ae44f680eb1f5b56e5e531e3e2d590
SHA1

085667af1324840e3b21cb2af7e4e6370a11658c
SHA256

6d3b06055202cf07167fdc7ed70ec20f0616ccb00cfa2ac4ff6b1c14dabaced0
SHA512

ac2ee303aee5cdcdb965b4a3efe8de5e4117e71676f29bf50ab469287634988778ec922a4f6da5561c66eb5ad99e7fc1ba4a31b97722ef9bcb711c27cb729878
SSDEEP

196608:99CqzRjh0/9+3LRiQbpQ3lnS6nbVkR7CQfqT2jJMWHOk:99TzR1Y+3LRiQbpQ2t7VMjk

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

Processes:

RunPE.exe

description pid process target process

PID 3028 set thread context of 2292 3028 RunPE.exe RunPE.exe
Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

RunPE.exe

pid process

3028 RunPE.exe

description	pid	process	target process
PID 3028 set thread context of 2292	3028	RunPE.exe	RunPE.exe

pid	process
3028	RunPE.exe

Suspicious use of WriteProcessMemory 12 IoCs

Processes:

RunPE.exe

description	pid	process	target process
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe
PID 3028 wrote to memory of 2292	3028	RunPE.exe	RunPE.exe

C:\Users\Admin\AppData\Local\Temp\RunPE.exe
C:\Users\Admin\AppData\Local\Temp\RunPE.exe
2⤵
PID:2292

memory/2292-6-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download
memory/2292-9-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download
memory/2292-24-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download
memory/2292-26-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download
memory/2292-4-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download
memory/2292-21-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2292-18-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download
memory/2292-15-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download
memory/2292-12-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download
memory/2292-2-0x0000000000400000-0x0000000000BEE000-memory.dmp

Filesize
7.9MB

Download