04d34301da1223f252b3d413f20ba5a8e1998a9999785e20f5dc030d121e4977

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
28-05-2024 18:32

Target

2024-05-28_d320e00747abb1d7fa430cbfb4f0e333_megazord.exe
Size

3.8MB
MD5

d320e00747abb1d7fa430cbfb4f0e333
SHA1

1e49b413e3ff83ca4ed626567a410bb504e2e05a
SHA256

04d34301da1223f252b3d413f20ba5a8e1998a9999785e20f5dc030d121e4977
SHA512

ab2a218f86db046b25e6dbeb2f41ab0baf87619237c793ae6ac8c75b1adcd1c9feda5267309a42c69c9c400a9c0836e0c0b56e6d091841c74ab1aae269c94c2e
SSDEEP

49152:YqUaD6IL/ZJYH6+Vl3Op3fBGF9Hjdt5BgCjWLq7xEv+P3Xbz0JERdPAht:bM3hDxEYcMdPWt

Score

1^/10

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

2024-05-28_d320e00747abb1d7fa430cbfb4f0e333_megazord.exe

description	pid	process	target process
PID 2232 wrote to memory of 1604	2232	2024-05-28_d320e00747abb1d7fa430cbfb4f0e333_megazord.exe	jsc.exe
PID 2232 wrote to memory of 1604	2232	2024-05-28_d320e00747abb1d7fa430cbfb4f0e333_megazord.exe	jsc.exe
PID 2232 wrote to memory of 1604	2232	2024-05-28_d320e00747abb1d7fa430cbfb4f0e333_megazord.exe	jsc.exe
PID 2232 wrote to memory of 1604	2232	2024-05-28_d320e00747abb1d7fa430cbfb4f0e333_megazord.exe	jsc.exe

C:\Users\Admin\AppData\Local\Temp\2024-05-28_d320e00747abb1d7fa430cbfb4f0e333_megazord.exe
"C:\Users\Admin\AppData\Local\Temp\2024-05-28_d320e00747abb1d7fa430cbfb4f0e333_megazord.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2232
- C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe
  "C:\Windows\Microsoft.NET\Framework\v4.0.30319\jsc.exe"
  2⤵
  PID:1604