c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0

Analysis

max time kernel
59s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
27/11/2022, 00:06

Target

c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe
Size

588KB
MD5

28da3976fe75e40d41c3899dbb1ba2c2
SHA1

32d30291b7a3362692eed3059a47937f3d92e970
SHA256

c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0
SHA512

78137e4153574bb0a64a5ac6a7941fc539c49f37f49c004d1709efbbbf19eaf135a5a7563563e4c2317756b4cf994097c4a70a43daf3a23da480733d7f6d6818
SSDEEP

6144:doJZ/3vvcwdPTWFoamGI17U0VIg93Z0EmBf+4Cfhok5ArnI+dwq7Ci7zecD6h0Ey:ujhx95LWIJqGwrJ

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1368	1992	WerFault.exe	13

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 1992 wrote to memory of 1368	1992	c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe	28
PID 1992 wrote to memory of 1368	1992	c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe	28
PID 1992 wrote to memory of 1368	1992	c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe	28
PID 1992 wrote to memory of 1368	1992	c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe	28
PID 1992 wrote to memory of 1368	1992	c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe	28
PID 1992 wrote to memory of 1368	1992	c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe	28
PID 1992 wrote to memory of 1368	1992	c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe	28

C:\Users\Admin\AppData\Local\Temp\c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe
"C:\Users\Admin\AppData\Local\Temp\c55ad0b45f9abae81b6d9cec5990c4653ca007bf707de782fd48d3bbdcdfaba0.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1992
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 1992 -s 324
  2⤵
  - Program crash
  PID:1368

memory/1992-54-0x00000000760C1000-0x00000000760C3000-memory.dmp

Filesize
8KB

Download