a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
09-07-2024 18:36

Target

a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe
Size

691KB
MD5

28d6f95dbb6bcbaf56f94dc2d1b33a32
SHA1

9f889430f0460916751cd44d16d8d728b3d977da
SHA256

a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71
SHA512

8880bbf6bc58fcf2d4bd30c489d31063c77db9f5095251afc4918b1220659a00b038925adacd4c4abcf7f64f29a5e266aa6b316c6d744b71cf860a79e7cec347
SSDEEP

12288:km2DzsiCmEg6Vnv2yslKMkGzvX90rxug2Mn9zpe6h+eBMytnHoF:GDDCmxu3MPvX908gzn9zJduenIF

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2768 set thread context of 2712	2768	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	31

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2552	2712	WerFault.exe	31

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2712	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe

Suspicious use of WriteProcessMemory 11 IoCs

description	pid	Process	procid_target
PID 2768 wrote to memory of 2712	2768	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	31
PID 2768 wrote to memory of 2712	2768	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	31
PID 2768 wrote to memory of 2712	2768	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	31
PID 2768 wrote to memory of 2712	2768	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	31
PID 2768 wrote to memory of 2712	2768	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	31
PID 2768 wrote to memory of 2712	2768	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	31
PID 2768 wrote to memory of 2712	2768	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	31
PID 2712 wrote to memory of 2552	2712	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	32
PID 2712 wrote to memory of 2552	2712	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	32
PID 2712 wrote to memory of 2552	2712	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	32
PID 2712 wrote to memory of 2552	2712	a02e9411c556434a56164ec32b0f990f7d14060ecbfdc793d9d1cfa689574d71.exe	32

memory/2712-7-0x0000000000400000-0x0000000000442000-memory.dmp

Filesize
264KB

Download
memory/2712-6-0x0000000000400000-0x0000000000442000-memory.dmp

Filesize
264KB

Download
memory/2712-14-0x0000000000400000-0x0000000000442000-memory.dmp

Filesize
264KB

Download
memory/2712-13-0x0000000000910000-0x0000000000C13000-memory.dmp

Filesize
3.0MB

Download
memory/2712-10-0x0000000000400000-0x0000000000442000-memory.dmp

Filesize
264KB

Download
memory/2712-12-0x0000000000400000-0x0000000000442000-memory.dmp

Filesize
264KB

Download
memory/2712-8-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/2768-1-0x0000000001060000-0x0000000001112000-memory.dmp

Filesize
712KB

Download
memory/2768-5-0x0000000000440000-0x00000000004CA000-memory.dmp

Filesize
552KB

Download
memory/2768-0-0x0000000074A4E000-0x0000000074A4F000-memory.dmp

Filesize
4KB

Download
memory/2768-4-0x00000000003A0000-0x00000000003AC000-memory.dmp

Filesize
48KB

Download
memory/2768-11-0x0000000074A40000-0x000000007512E000-memory.dmp

Filesize
6.9MB

Download
memory/2768-3-0x0000000000550000-0x0000000000568000-memory.dmp

Filesize
96KB

Download
memory/2768-2-0x0000000074A40000-0x000000007512E000-memory.dmp

Filesize
6.9MB

Download