69170ed530a85e4d0cebd7dae73109f6a9c787d69c8ef563d09dac413a73e6c6

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
21/10/2022, 02:19

Target

69170ed530a85e4d0cebd7dae73109f6a9c787d69c8ef563d09dac413a73e6c6.exe
Size

436KB
MD5

55a118ce9f2bf1b4b6757d230320a770
SHA1

d8484c9060f415120e43c005ea441c7d0f662466
SHA256

69170ed530a85e4d0cebd7dae73109f6a9c787d69c8ef563d09dac413a73e6c6
SHA512

e15400c9bd66bf63ed02958fb3eee381ed45f96d672b7f36ead7a36790973765aa392bf16f8314f06e3e2cb0061f72cdaad26ef646ac790956af0f8bbe64b3c7
SSDEEP

12288:2TiVPrJ/Vw+gia6JOUfsaZYFv53gNCpOdn/uc:2TixrJ/V1gia6JvfhYLpOd/5

Score

3^/10

Program crash 2 IoCs

pid	pid_target	Process	procid_target
736	4872	WerFault.exe	84
2740	4872	WerFault.exe	84

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4872	69170ed530a85e4d0cebd7dae73109f6a9c787d69c8ef563d09dac413a73e6c6.exe

C:\Users\Admin\AppData\Local\Temp\69170ed530a85e4d0cebd7dae73109f6a9c787d69c8ef563d09dac413a73e6c6.exe
"C:\Users\Admin\AppData\Local\Temp\69170ed530a85e4d0cebd7dae73109f6a9c787d69c8ef563d09dac413a73e6c6.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4872
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4872 -s 496
  2⤵
  - Program crash
  PID:736
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4872 -s 496
  2⤵
  - Program crash
  PID:2740

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 360 -p 4872 -ip 4872
1⤵
PID:4864

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 440 -p 4872 -ip 4872
1⤵
PID:2992