c8999b5988c6d3f3fa624db6d2ad1c69bc68a22bbabb000483851b8cac59bdff

Analysis

max time kernel
45s
max time network
49s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
10/10/2022, 23:23

Target

c8999b5988c6d3f3fa624db6d2ad1c69bc68a22bbabb000483851b8cac59bdff.exe
Size

506KB
MD5

72e84e2b6113af7df07151caa30127f2
SHA1

eea75c251e6eadee84d13661f3de7e5e6e7a3136
SHA256

c8999b5988c6d3f3fa624db6d2ad1c69bc68a22bbabb000483851b8cac59bdff
SHA512

e6cff40d4c781a5295924575fa697163b7cce05583c082abef1b85c5ab34b5fb18234267e2e232e2dc05c1a9b1b2aaaddb04b15c8ad82a8355e11d312fb7f928
SSDEEP

12288:FbxUYra3hjVBbdFlrLORPtbVPo+g1lEhUam:FbxUYra3hJBdF5LEt5Po+g1lnd

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1960	2020	WerFault.exe	27

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2020 wrote to memory of 1960	2020	c8999b5988c6d3f3fa624db6d2ad1c69bc68a22bbabb000483851b8cac59bdff.exe	29
PID 2020 wrote to memory of 1960	2020	c8999b5988c6d3f3fa624db6d2ad1c69bc68a22bbabb000483851b8cac59bdff.exe	29
PID 2020 wrote to memory of 1960	2020	c8999b5988c6d3f3fa624db6d2ad1c69bc68a22bbabb000483851b8cac59bdff.exe	29

C:\Users\Admin\AppData\Local\Temp\c8999b5988c6d3f3fa624db6d2ad1c69bc68a22bbabb000483851b8cac59bdff.exe
"C:\Users\Admin\AppData\Local\Temp\c8999b5988c6d3f3fa624db6d2ad1c69bc68a22bbabb000483851b8cac59bdff.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2020
- C:\Windows\system32\WerFault.exe
  C:\Windows\system32\WerFault.exe -u -p 2020 -s 32
  2⤵
  - Program crash
  PID:1960