2c63d5c9bece740d05d08aae01b061b9845ebc9c61aaa31417e79b59c454d7be

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
24-06-2024 15:55

Target

FedEx Receipt_AWB# 102003550412.exe
Size

722KB
MD5

e1daed4629962e7f857ebcfb59652c76
SHA1

aa178ed13192dc28da12bea57045cfa680316831
SHA256

2c63d5c9bece740d05d08aae01b061b9845ebc9c61aaa31417e79b59c454d7be
SHA512

4aa588ac86e4bd0590b048ee3ff0ca7b0b9de6eb1313b18f78a6dd08ac316cf8ef1bfaaf375ff4aeb71d2b4e6acb09a1084c93782c9598b0d744cb22474c6143
SSDEEP

12288:0iBikuPyVJm8iP9XXb4Oq2laC8gkwufIHU8+4tH5JIwpEwqBFGbx60SNjsVhYLsl:0iBiTaVJBiP5b9hla+PuYPH/pHqCfSS8

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2428 set thread context of 2204	2428	FedEx Receipt_AWB# 102003550412.exe	28

Suspicious behavior: EnumeratesProcesses 7 IoCs

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 2428 wrote to memory of 2204	2428	FedEx Receipt_AWB# 102003550412.exe	28
PID 2428 wrote to memory of 2204	2428	FedEx Receipt_AWB# 102003550412.exe	28
PID 2428 wrote to memory of 2204	2428	FedEx Receipt_AWB# 102003550412.exe	28
PID 2428 wrote to memory of 2204	2428	FedEx Receipt_AWB# 102003550412.exe	28
PID 2428 wrote to memory of 2204	2428	FedEx Receipt_AWB# 102003550412.exe	28
PID 2428 wrote to memory of 2204	2428	FedEx Receipt_AWB# 102003550412.exe	28
PID 2428 wrote to memory of 2204	2428	FedEx Receipt_AWB# 102003550412.exe	28

C:\Users\Admin\AppData\Local\Temp\FedEx Receipt_AWB# 102003550412.exe
"C:\Users\Admin\AppData\Local\Temp\FedEx Receipt_AWB# 102003550412.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2428
- C:\Users\Admin\AppData\Local\Temp\FedEx Receipt_AWB# 102003550412.exe
  "C:\Users\Admin\AppData\Local\Temp\FedEx Receipt_AWB# 102003550412.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2204

memory/2204-7-0x0000000000400000-0x0000000000443000-memory.dmp

Filesize
268KB

Download
memory/2204-6-0x0000000000400000-0x0000000000443000-memory.dmp

Filesize
268KB

Download
memory/2204-14-0x0000000000400000-0x0000000000443000-memory.dmp

Filesize
268KB

Download
memory/2204-12-0x0000000000400000-0x0000000000443000-memory.dmp

Filesize
268KB

Download
memory/2204-13-0x0000000000790000-0x0000000000A93000-memory.dmp

Filesize
3.0MB

Download
memory/2204-10-0x0000000000400000-0x0000000000443000-memory.dmp

Filesize
268KB

Download
memory/2204-8-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2428-1-0x00000000013E0000-0x000000000149A000-memory.dmp

Filesize
744KB

Download
memory/2428-11-0x0000000074760000-0x0000000074E4E000-memory.dmp

Filesize
6.9MB

Download
memory/2428-0-0x000000007476E000-0x000000007476F000-memory.dmp

Filesize
4KB

Download
memory/2428-5-0x00000000050A0000-0x000000000512A000-memory.dmp

Filesize
552KB

Download
memory/2428-4-0x0000000000580000-0x000000000058C000-memory.dmp

Filesize
48KB

Download
memory/2428-3-0x0000000000550000-0x0000000000560000-memory.dmp

Filesize
64KB

Download
memory/2428-2-0x0000000074760000-0x0000000074E4E000-memory.dmp

Filesize
6.9MB

Download