cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71

Analysis

max time kernel
39s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
11/10/2022, 06:44

Target

cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71.exe
Size

372KB
MD5

7bff555f79eb10edaa89757daf0b6b90
SHA1

864d94fe4b96440e437c6f0763937d3465ce6988
SHA256

cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71
SHA512

c58626d26a933edc0e6e3bb7f4fb5f95b8992189d3b9c32a62c940f596de6a0aab0e6617d7e2ff44032e8277444630ac4a6e2e86112666df535b9603521eed61
SSDEEP

6144:DcQCGAILwT9W0mTQCfHFCy9E0JShK2xXEy9bQ8:oiAIET40kQaFm0JcnEytQ8

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1016	1140	WerFault.exe	26

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 1140 wrote to memory of 1016	1140	cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71.exe	27
PID 1140 wrote to memory of 1016	1140	cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71.exe	27
PID 1140 wrote to memory of 1016	1140	cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71.exe	27
PID 1140 wrote to memory of 1016	1140	cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71.exe	27

C:\Users\Admin\AppData\Local\Temp\cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71.exe
"C:\Users\Admin\AppData\Local\Temp\cbc84a53cde1adc55aae5f74c18dc175571b24973a49d091069f5a11a11e9a71.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1140
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1140 -s 36
  2⤵
  - Program crash
  PID:1016

memory/1140-54-0x0000000000400000-0x000000000045D000-memory.dmp

Filesize
372KB

Download