38fd39c28265b503fb122cdb0a48117034dbd21981a413506eed252322a39e9e

Analysis

max time kernel
125s
max time network
140s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
30/10/2022, 17:00

Target

38fd39c28265b503fb122cdb0a48117034dbd21981a413506eed252322a39e9e.exe
Size

281KB
MD5

83718e1f26805c4329b61f7af5dca9fd
SHA1

6b3aeb530b3ac898d4cf27b36541a16c68ae11af
SHA256

38fd39c28265b503fb122cdb0a48117034dbd21981a413506eed252322a39e9e
SHA512

138f10d092b51e9a65c9b4b8fe9485e000bfd29d46b36c79acfc83a983d170c00e82a422d611b024d4b50174e9122a5054e17c929834182e6d7619d94f21a2dc
SSDEEP

6144:Hj+YaLXI9qDKqQFFxcWHeXP4uj9sp6Bfc769/c2:CYajwqqxcWqLBY6Bfc769k2

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1736	2224	WerFault.exe	81

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\.key	38fd39c28265b503fb122cdb0a48117034dbd21981a413506eed252322a39e9e.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\.key\ = "regfile"	38fd39c28265b503fb122cdb0a48117034dbd21981a413506eed252322a39e9e.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2224	38fd39c28265b503fb122cdb0a48117034dbd21981a413506eed252322a39e9e.exe

C:\Users\Admin\AppData\Local\Temp\38fd39c28265b503fb122cdb0a48117034dbd21981a413506eed252322a39e9e.exe
"C:\Users\Admin\AppData\Local\Temp\38fd39c28265b503fb122cdb0a48117034dbd21981a413506eed252322a39e9e.exe"
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2224
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 2224 -s 476
  2⤵
  - Program crash
  PID:1736

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 420 -p 2224 -ip 2224
1⤵
PID:2508