e46d3e797958e21bfa3bae718a27ec95b53c028255efcc9d5047da78e1a6f3e3

Analysis

max time kernel
78s
max time network
129s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
27-08-2022 16:57

Target

1312-207-0x0000000000400000-0x000000000094A000-memory.exe
Size

5.3MB
MD5

0bfe3a4a5387a728f5ca80bb580f7d80
SHA1

ba2c588daa39608a7bb5991e68425f3ed1579c49
SHA256

e46d3e797958e21bfa3bae718a27ec95b53c028255efcc9d5047da78e1a6f3e3
SHA512

29857e9a97ee16da40587b03f0e1011fcc045ffccfc2ea417425fdd88f3d7a3a620882297452d71509fadd69e8c8346da8c96195b721a7b0dedd0f28a98403b2
SSDEEP

24576:lP/k69a/bcq76tndALvBDXrBViIOzRVa:2Ea/bcq7EOLZLrBq9Va

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

4612 1636 WerFault.exe 1312-207-0x0000000000400000-0x000000000094A000-memory.exe

pid	pid_target	process	target process
4612	1636	WerFault.exe	1312-207-0x0000000000400000-0x000000000094A000-memory.exe

C:\Users\Admin\AppData\Local\Temp\1312-207-0x0000000000400000-0x000000000094A000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\1312-207-0x0000000000400000-0x000000000094A000-memory.exe"
1⤵
PID:1636

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1636 -s 216
2⤵
- Program crash
PID:4612

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 1636 -ip 1636
1⤵
PID:3848