c06cb1a11fbadbd89caa6af8a5699463648f13eb070a82de48a8db21eacdda3c

Analysis

max time kernel
144s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
07-06-2024 06:32

Target

c06cb1a11fbadbd89caa6af8a5699463648f13eb070a82de48a8db21eacdda3c.exe
Size

13KB
MD5

e2350e554722b50ba80707ff53a177a0
SHA1

59e61a8503babfddf12333d721bda5082e57dcf7
SHA256

c06cb1a11fbadbd89caa6af8a5699463648f13eb070a82de48a8db21eacdda3c
SHA512

dabdea6dc647a7f33015e4d5a72a8800213c00fecd483cdbe9256d02d19534fec397a9dacfc70046893fa79362005d2a9099a84b7e816b484e862d640677d64d
SSDEEP

192://EI16jeeBBZW6Zcxc3mZ76HID2GfJPsGCoAuJcNwGiOzzzYtDWlJdxqH81x:0JjhBrr+YWfO73G3OzzzIWlJj+G

Score

8^/10

Executes dropped EXE 1 IoCs

pid	Process
5092	242607063251325.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1148 wrote to memory of 1540	1148	c06cb1a11fbadbd89caa6af8a5699463648f13eb070a82de48a8db21eacdda3c.exe	95
PID 1148 wrote to memory of 1540	1148	c06cb1a11fbadbd89caa6af8a5699463648f13eb070a82de48a8db21eacdda3c.exe	95
PID 1540 wrote to memory of 5092	1540	cmd.exe	96
PID 1540 wrote to memory of 5092	1540	cmd.exe	96

C:\Users\Admin\AppData\Local\Temp\c06cb1a11fbadbd89caa6af8a5699463648f13eb070a82de48a8db21eacdda3c.exe
"C:\Users\Admin\AppData\Local\Temp\c06cb1a11fbadbd89caa6af8a5699463648f13eb070a82de48a8db21eacdda3c.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1148
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607063251325.exe 000001
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:1540
- - C:\Users\Admin\AppData\Local\Temp\242607063251325.exe
    C:\Users\Admin\AppData\Local\Temp\242607063251325.exe 000001
    3⤵
    - Executes dropped EXE
    PID:5092

C:\Users\Admin\AppData\Local\Temp\242607063251325.exe

Filesize
13KB

MD5
00a11237eeadc15696847b50b1e5c685

SHA1
4161b9f83feefe0976cd6b5b3cf914e4094b5e0e

SHA256
0f5596f302f543614e3507212c2eef0f9350003dce2d4ff1bafafd1c0c81db4b

SHA512
5169d61324349d41678547bc12ee4f71788d3f71acf4fc4d8ba8aac7a065481b2da41c8fd7e1f14839a7a36600bd916ffedffce9f0856cd138becd0272c4b37e

Download Submit