56db5819d8af9a58dc679d1dcf1f27807f925645a59149e8871c811883d784ad

Analysis

max time kernel
149s
max time network
188s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
07/11/2022, 18:02

Target

56db5819d8af9a58dc679d1dcf1f27807f925645a59149e8871c811883d784ad.exe
Size

755KB
MD5

03bdd59e303b0567ece2999bc7b78903
SHA1

8f6468d0d721ca75b0bd4c27244da6cf861f6830
SHA256

56db5819d8af9a58dc679d1dcf1f27807f925645a59149e8871c811883d784ad
SHA512

b71db85b669aa3847df603dd4308b8f2fc2b9055b8fbcf396e821c4c4db94024d27db046260b2af412789b3a5198da9fa3e00dd67447f1a6c9648b46de60a55f
SSDEEP

12288:pYXLyPX7WAWfxheWMeywdMvh4uo2gKdq9lA9rrqAvsM9NkcMn35ai7ZJps+QK2kT:eXW/4tTywO54L/KdqLA9rlY53R7W+vef

Score

3^/10

Program crash 2 IoCs

pid	pid_target	Process	procid_target
4880	3052	WerFault.exe	78
1428	3052	WerFault.exe	78

C:\Users\Admin\AppData\Local\Temp\56db5819d8af9a58dc679d1dcf1f27807f925645a59149e8871c811883d784ad.exe
"C:\Users\Admin\AppData\Local\Temp\56db5819d8af9a58dc679d1dcf1f27807f925645a59149e8871c811883d784ad.exe"
1⤵
PID:3052
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3052 -s 560
  2⤵
  - Program crash
  PID:4880
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3052 -s 568
  2⤵
  - Program crash
  PID:1428

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3052 -ip 3052
1⤵
PID:4900

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 540 -p 3052 -ip 3052
1⤵
PID:2760

memory/3052-132-0x0000000000716000-0x0000000000746000-memory.dmp

Filesize
192KB

Download
memory/3052-133-0x0000000000745000-0x0000000000753000-memory.dmp

Filesize
56KB

Download
memory/3052-134-0x0000000002726000-0x00000000027D4000-memory.dmp

Filesize
696KB

Download