c30f5e9ffd75f81ad69dde4ad1e86b0db40d2a24280bb05e98210cb77054c038

Analysis

max time kernel
118s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11/06/2024, 09:48

Target

2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe
Size

16.7MB
MD5

50c60d31aa8193d5676c07bd30c2cd7b
SHA1

941b29714e3d3fad30e99c479ee4765cedddccbb
SHA256

c30f5e9ffd75f81ad69dde4ad1e86b0db40d2a24280bb05e98210cb77054c038
SHA512

d40b58d858e9359db0310b06bd4d1f3e1582b4b8d93fcc8a3011f29b5c5fd908efb777b662f5fcf721f4ff5a81f3a24c31bec4ea0c6882f026d95ba275327fec
SSDEEP

196608:2uQF9WNAyEz75jsj8flgcsklKbAs4eR3GBXlCCVJIx+N/IO7:2yral/fDKt4ewVJIkN/Ig

Score

1^/10

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 1152 wrote to memory of 2188	1152	2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe	28
PID 1152 wrote to memory of 2188	1152	2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe	28
PID 1152 wrote to memory of 2188	1152	2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe	28
PID 1152 wrote to memory of 2188	1152	2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe	28
PID 1152 wrote to memory of 2188	1152	2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe	28
PID 1152 wrote to memory of 2188	1152	2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe	28

C:\Users\Admin\AppData\Local\Temp\2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe
"C:\Users\Admin\AppData\Local\Temp\2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1152
- C:\Windows\SysWOW64\explorer.exe
  explorer.exe
  2⤵
  PID:2188

C:\Users\Admin\AppData\Local\Temp\2024-06-11_50c60d31aa8193d5676c07bd30c2cd7b_darpapox_icedid_nymaim.exe

Filesize
15.0MB

MD5
ec51ab8866ec9b8a96ec1f62ea47139e

SHA1
1f2962df4f6c6f80fa79a7f7d94cc21a76ca9558

SHA256
78b4e74527d394cafd55728558a9fdf8d8a7d91818e8dabe8133fa8a46463a56

SHA512
9867307c40ff7f8fd3c26a20e99b6e018236eea40d3c85211ed8ed4c2b26ee2e7034553fb9a09d3c7fd3bb3555d6be4b1f457c8b1dba6fc5607463c06f7324df

Download Submit