3f7be669e5c8614997f4e41f04d359f594682e25a2852b8a81f115f6590f02b2

Analysis

max time kernel
135s
max time network
125s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
16-08-2024 23:21

Target

2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe
Size

2.6MB
MD5

7feea0947c3eb3e72b35087d44c719e4
SHA1

ce806f748ed351d28e77e1becf33b645ea205c48
SHA256

3f7be669e5c8614997f4e41f04d359f594682e25a2852b8a81f115f6590f02b2
SHA512

f51ceedf0723b251d422a43ae108626b107767e525622f849d3448d6dd9da734c82860a46cf0439ebf5313e4e6656f9942965b58de0a1a676ca26727416344a7
SSDEEP

49152:dYRS+Io1qR3j/6iuuHj/NtTSYuRPjcrOn:5WsDptTSYuRPWOn

Score

5^/10

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4156 set thread context of 3348	4156	2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe	89

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 4156 wrote to memory of 3348	4156	2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe	89
PID 4156 wrote to memory of 3348	4156	2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe	89
PID 4156 wrote to memory of 3348	4156	2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe	89
PID 4156 wrote to memory of 3348	4156	2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe	89
PID 4156 wrote to memory of 3348	4156	2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe	89
PID 4156 wrote to memory of 3348	4156	2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe	89
PID 4156 wrote to memory of 3348	4156	2024-08-16_7feea0947c3eb3e72b35087d44c719e4_snatch.exe	89

memory/3348-0-0x00007FF717530000-0x00007FF717535000-memory.dmp

Filesize
20KB

Download
memory/3348-5-0x00007FF717530000-0x00007FF7175341D0-memory.dmp

Filesize
16KB

Download
memory/3348-6-0x00007FF717530000-0x00007FF717535000-memory.dmp

Filesize
20KB

Download
memory/3348-7-0x00007FF717530000-0x00007FF7175341D0-memory.dmp

Filesize
16KB

Download