ab5512e619401d27a5d9f0022a5ec266f199b4da0785d4c8a68c2048652a3d90

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
07/06/2024, 06:36

Target

ab5512e619401d27a5d9f0022a5ec266f199b4da0785d4c8a68c2048652a3d90.exe
Size

13KB
MD5

1f6fcbfa575b0881cb031a9ce0f874ba
SHA1

41a4ddcf7ffafa0412c592f0f3b90be6161b6996
SHA256

ab5512e619401d27a5d9f0022a5ec266f199b4da0785d4c8a68c2048652a3d90
SHA512

43c4ef3dc02155796383aa3f8f3a9ec88ac851b14e6fcac684a68f187c04e946cc7756713fa2339f350bf28412e6629499f30d9aacb85a3cdb4e7d717b469d38
SSDEEP

192:YcTI1exixtbnG6fGeC5W/bobqGONLPQ2r7U9vh87x2FeCCTZTTWlJdxqH/f1x:x5ixRjiONkeorFPgWlJj+V

Score

8^/10

Executes dropped EXE 1 IoCs

pid	Process
1364	242607063609359.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 4176 wrote to memory of 380	4176	ab5512e619401d27a5d9f0022a5ec266f199b4da0785d4c8a68c2048652a3d90.exe	96
PID 4176 wrote to memory of 380	4176	ab5512e619401d27a5d9f0022a5ec266f199b4da0785d4c8a68c2048652a3d90.exe	96
PID 380 wrote to memory of 1364	380	cmd.exe	97
PID 380 wrote to memory of 1364	380	cmd.exe	97

C:\Users\Admin\AppData\Local\Temp\ab5512e619401d27a5d9f0022a5ec266f199b4da0785d4c8a68c2048652a3d90.exe
"C:\Users\Admin\AppData\Local\Temp\ab5512e619401d27a5d9f0022a5ec266f199b4da0785d4c8a68c2048652a3d90.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4176
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\242607063609359.exe 000001
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:380
- - C:\Users\Admin\AppData\Local\Temp\242607063609359.exe
    C:\Users\Admin\AppData\Local\Temp\242607063609359.exe 000001
    3⤵
    - Executes dropped EXE
    PID:1364

C:\Users\Admin\AppData\Local\Temp\242607063609359.exe

Filesize
13KB

MD5
e4b58ccdd424b95fec8d1ee70c0dd2de

SHA1
7569589cd662b8bd8df2c35afd267922397de1fb

SHA256
427df20e233bf622f81b2c4e9a02c970c782df7e097c75bf7cc81003d6ca59e5

SHA512
2b2ab73a5dd92bcb32d99150454a005fad2fa3c88649a7dcc1a0efe09c5292be9de128e19d55ac7374814b24db2d0fcd0680ae86f61e532a0e3caae7a18b3041

Download Submit