d61985407f31d1fbba3aaf4e6d1e79c5fc79fa333879fd478a0ffb4d9476a04f

Analysis

max time kernel
16s
max time network
19s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
18-11-2024 16:46

Target

5221d2214beb75529df68ac5f0106f4f.exe
Size

4.1MB
MD5

5221d2214beb75529df68ac5f0106f4f
SHA1

0f97ce2b3768605f2de2d9d5f1f8542f915c486c
SHA256

d61985407f31d1fbba3aaf4e6d1e79c5fc79fa333879fd478a0ffb4d9476a04f
SHA512

3c1d92bb51ec40692055035d6d43e17a37b0b755be05e302f67eacb4223ede566041b9696648ef5b52556654ee4a39eaab87aefc3b508206ea6418c4074a227f
SSDEEP

24576:8Smpzi3xGi50W+Zdel5ubytHiZTRIZxUTt3dcnBnD1aAByTD9+akcFEbaWpUBsHI:/xGK0l3e3u3tgyKBnD0UxVGQ/heC/IZ

Score

1^/10

Suspicious use of WriteProcessMemory 3 IoCs

Processes:

5221d2214beb75529df68ac5f0106f4f.exe

description	pid	Process	procid_target
PID 2296 wrote to memory of 380	2296	5221d2214beb75529df68ac5f0106f4f.exe	30
PID 2296 wrote to memory of 380	2296	5221d2214beb75529df68ac5f0106f4f.exe	30
PID 2296 wrote to memory of 380	2296	5221d2214beb75529df68ac5f0106f4f.exe	30

C:\Users\Admin\AppData\Local\Temp\5221d2214beb75529df68ac5f0106f4f.exe
"C:\Users\Admin\AppData\Local\Temp\5221d2214beb75529df68ac5f0106f4f.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2296
- C:\Users\Admin\AppData\Local\Temp\5221d2214beb75529df68ac5f0106f4f.exe
  C:\Users\Admin\AppData\Local\Temp\5221d2214beb75529df68ac5f0106f4f.exe
  2⤵
  PID:380