9897d0f4a07c7421cc72de56d8caeac3aad0d49da1a09cf18e19214708270faa

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
15-07-2024 08:58

Target

b5f518730f112d7ce8f9fcd341c3d0e0N.exe
Size

916KB
MD5

b5f518730f112d7ce8f9fcd341c3d0e0
SHA1

0c0c4c240d1cd40f959261065611abcd730a0e5d
SHA256

9897d0f4a07c7421cc72de56d8caeac3aad0d49da1a09cf18e19214708270faa
SHA512

fcf7edfebbac11e440cd9cda7fd726b32dcbff8ede152c1a3756edba1d060cc33851c4f3487c0234879eb476abbaafe13d506e3a3e9c25a0d915ab1bdca2a8f5
SSDEEP

6144:LyXqj99bEn+JRgqiYzJpAHPAZbgeZ7KsgAPW1kEqiqySyJcAwABrxxJa/YES:+XqTgqVp7ZbgeZGLARElqdyxjlDa/ZS

Score

7^/10

Deletes itself 1 IoCs

pid	Process
2216	b5f518730f112d7ce8f9fcd341c3d0e0N.exe

Executes dropped EXE 1 IoCs

pid	Process
2216	b5f518730f112d7ce8f9fcd341c3d0e0N.exe

Loads dropped DLL 4 IoCs

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2376	2216	WerFault.exe	29

Suspicious behavior: RenamesItself 1 IoCs

pid	Process
2052	b5f518730f112d7ce8f9fcd341c3d0e0N.exe

Suspicious use of UnmapMainImage 1 IoCs

pid	Process
2216	b5f518730f112d7ce8f9fcd341c3d0e0N.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 2052 wrote to memory of 2216	2052	b5f518730f112d7ce8f9fcd341c3d0e0N.exe	29
PID 2052 wrote to memory of 2216	2052	b5f518730f112d7ce8f9fcd341c3d0e0N.exe	29
PID 2052 wrote to memory of 2216	2052	b5f518730f112d7ce8f9fcd341c3d0e0N.exe	29
PID 2052 wrote to memory of 2216	2052	b5f518730f112d7ce8f9fcd341c3d0e0N.exe	29
PID 2216 wrote to memory of 2376	2216	b5f518730f112d7ce8f9fcd341c3d0e0N.exe	30
PID 2216 wrote to memory of 2376	2216	b5f518730f112d7ce8f9fcd341c3d0e0N.exe	30
PID 2216 wrote to memory of 2376	2216	b5f518730f112d7ce8f9fcd341c3d0e0N.exe	30
PID 2216 wrote to memory of 2376	2216	b5f518730f112d7ce8f9fcd341c3d0e0N.exe	30

\Users\Admin\AppData\Local\Temp\b5f518730f112d7ce8f9fcd341c3d0e0N.exe

Filesize
916KB

MD5
5d79401ce1be9f4ba826c35773df9c31

SHA1
f1a212b047b5e78ef06c3ff5b9a54c48136c67da

SHA256
6abd7318d6fe6def6a4ef84ea16203fbb34d3f05609229540057d04d263c8af5

SHA512
5ec940e2dcb8edd40aa7710649fc9984e6f587cf6ba15c91bfbb0f9cb7a89e6ff54923d3084449efd0fe349b918325fa2e865eb152accf0c5b7d09c700e93ff3

Download Submit
memory/2052-0-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download
memory/2052-10-0x00000000030F0000-0x00000000031D5000-memory.dmp

Filesize
916KB

Download
memory/2052-8-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download
memory/2216-11-0x0000000000400000-0x00000000004E5000-memory.dmp

Filesize
916KB

Download
memory/2216-12-0x00000000014F0000-0x00000000015D5000-memory.dmp

Filesize
916KB

Download