8dd4588b185da5a91a55c03a06a82edd75a714bd71544618396aba7d1ff45165

Analysis

max time kernel
142s
max time network
131s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
02/09/2024, 15:50

Target

mingw64/mingw64/bin/cpp.exe
Size

1.9MB
MD5

0267f2a04ce57053f733a7b9a1b7e24e
SHA1

d95c0caf07d99d21ea57c391eaa658c48223af8c
SHA256

d17f97013062bc5e1360c299d3e27e9f9aecbb9040cad17e99bb740cacb0ab00
SHA512

f46f3ed27d63704688f69a0473788c5be0da4ffa13d4edc6b607aa98699f5bf4b945e99cb597f24144a41959c72b98549363073a08c7cfb15db232d29a755e9b
SSDEEP

49152:PWVW2X3ZuqewPU8WBAUZLY9OEZGaXBuQQ9e:cW2nZgBAUZLe

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2860 wrote to memory of 2848	2860	cpp.exe	31
PID 2860 wrote to memory of 2848	2860	cpp.exe	31
PID 2860 wrote to memory of 2848	2860	cpp.exe	31

C:\Users\Admin\AppData\Local\Temp\mingw64\mingw64\bin\cpp.exe
"C:\Users\Admin\AppData\Local\Temp\mingw64\mingw64\bin\cpp.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2860
- C:\Users\Admin\AppData\Local\Temp\mingw64\mingw64\libexec\gcc\x86_64-w64-mingw32\8.1.0\cc1.exe
  C:/Users/Admin/AppData/Local/Temp/mingw64/mingw64/bin/../libexec/gcc/x86_64-w64-mingw32/8.1.0/cc1.exe -E -quiet -iprefix C:/Users/Admin/AppData/Local/Temp/mingw64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/8.1.0/ -D_REENTRANT - -mtune=core2 -march=nocona
  2⤵
  PID:2848

memory/2848-3-0x0000000064940000-0x0000000064955000-memory.dmp

Filesize
84KB

Download
memory/2848-2-0x0000000000400000-0x0000000001BFD000-memory.dmp

Filesize
24.0MB

Download
memory/2860-0-0x0000000000400000-0x00000000005E7000-memory.dmp

Filesize
1.9MB

Download
memory/2860-1-0x0000000064940000-0x0000000064955000-memory.dmp

Filesize
84KB

Download