49a23d8185275195f9c9f4417b41ccc4b00c359692cffcb14e1366fcccb81b4c

Analysis

Target

49a23d8185275195f9c9f4417b41ccc4b00c359692cffcb14e1366fcccb81b4c.exe
Size

2.4MB
MD5

0923f165c95cb134ce75da029d23acdd
SHA1

5a9e03154f0b6403f5212dac3651621aaf02347c
SHA256

49a23d8185275195f9c9f4417b41ccc4b00c359692cffcb14e1366fcccb81b4c
SHA512

da0c43fcb9be82145c8c83055aff6d339da4120efd01718078bfbcd34dd48b80711ecda879d505bec1e29104f88b8b3dc211f59f683f3801bcf28e88233e3536

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

1640 368 WerFault.exe 49a23d8185275195f9c9f4417b41ccc4b00c359692cffcb14e1366fcccb81b4c.exe

pid	pid_target	process	target process
1640	368	WerFault.exe	49a23d8185275195f9c9f4417b41ccc4b00c359692cffcb14e1366fcccb81b4c.exe

C:\Users\Admin\AppData\Local\Temp\49a23d8185275195f9c9f4417b41ccc4b00c359692cffcb14e1366fcccb81b4c.exe
"C:\Users\Admin\AppData\Local\Temp\49a23d8185275195f9c9f4417b41ccc4b00c359692cffcb14e1366fcccb81b4c.exe"
1⤵
PID:368

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 368 -s 1044
2⤵
- Program crash
PID:1640

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 368 -ip 368
1⤵
PID:1424

memory/368-130-0x0000000000EE0000-0x000000000114C000-memory.dmp

Filesize
2.4MB

Download
memory/368-132-0x0000000074DF0000-0x00000000755A0000-memory.dmp

Filesize
7.7MB

Download
memory/368-131-0x0000000006170000-0x0000000006714000-memory.dmp

Filesize
5.6MB

Download
memory/368-133-0x0000000005BC0000-0x0000000005C52000-memory.dmp

Filesize
584KB

Download
memory/368-134-0x0000000005CA0000-0x0000000005CAA000-memory.dmp

Filesize
40KB

Download
memory/368-135-0x0000000005BC0000-0x0000000006164000-memory.dmp

Filesize
5.6MB

Download