711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc

Analysis

max time kernel
20s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
29/10/2022, 22:30

Target

711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc.exe
Size

174KB
MD5

512b88d6a2e7eb998085f7c96c200530
SHA1

cb9f7af3bacfedaa816398337e9efcd87552bdac
SHA256

711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc
SHA512

9db2bce918938d8db2724582c0bb7f72b6f47db1d3c0d567a552f15b23e693f6d73c262d988f8104619badc14655d9de1dd10b04eb7d9192498b55b6f6d074f0
SSDEEP

768:XjK/ajithXkHvmjjcFED43AnOmnNakgyeZv/Q3xogbPa8iS7sVdH48o7REccx:XGCC0H+jjam1fUyFC1mRe

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2036	944	WerFault.exe	9

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 944 wrote to memory of 2036	944	711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc.exe	27
PID 944 wrote to memory of 2036	944	711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc.exe	27
PID 944 wrote to memory of 2036	944	711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc.exe	27
PID 944 wrote to memory of 2036	944	711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc.exe	27

C:\Users\Admin\AppData\Local\Temp\711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc.exe
"C:\Users\Admin\AppData\Local\Temp\711089e6444ac8b257391f11fe6d76659d17459db456c10369b2ccfcbc75c0fc.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:944
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 944 -s 88
  2⤵
  - Program crash
  PID:2036