98fb12a9625d600535df342551d30b27ed216fed14d9c6f63e8bf677cb730301

Analysis

max time kernel
144s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
30-06-2024 02:12

Target

60adbb2a2aa829c0ef7bbfce5214ff82.exe
Size

28.2MB
MD5

60adbb2a2aa829c0ef7bbfce5214ff82
SHA1

d3a23b8c9e125cfc6bae2d6006ff406f3c02c4cd
SHA256

98fb12a9625d600535df342551d30b27ed216fed14d9c6f63e8bf677cb730301
SHA512

54ea3a4a34020ed500fc46a3d95846a2a63165b9d69b08193bdd298e6fcd46bbafe9a699914f6f813deaf4ae46b7f2e9b41564d4ec3a96eb755c2fc0ddc29f1c
SSDEEP

393216:HN0uwoFGVN8x5ytoOO5mM2/1F/HXZjTN2VziJ+0Wg5tPt:t0uwoFsN8a5

Score

1^/10

Suspicious behavior: EnumeratesProcesses 8 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2636 wrote to memory of 3160	2636	60adbb2a2aa829c0ef7bbfce5214ff82.exe	83
PID 2636 wrote to memory of 3160	2636	60adbb2a2aa829c0ef7bbfce5214ff82.exe	83
PID 2636 wrote to memory of 2344	2636	60adbb2a2aa829c0ef7bbfce5214ff82.exe	84
PID 2636 wrote to memory of 2344	2636	60adbb2a2aa829c0ef7bbfce5214ff82.exe	84

C:\Users\Admin\AppData\Local\Temp\60adbb2a2aa829c0ef7bbfce5214ff82.exe
"C:\Users\Admin\AppData\Local\Temp\60adbb2a2aa829c0ef7bbfce5214ff82.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2636
- C:\Users\Admin\AppData\Local\Temp\60adbb2a2aa829c0ef7bbfce5214ff82.exe
  C:\Users\Admin\AppData\Local\Temp\60adbb2a2aa829c0ef7bbfce5214ff82.exe
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3160
- C:\Windows\system32\cmd.exe
  cmd.exe /K
  2⤵
  PID:2344