c8bf894572e1c4de1beb4aaa2f3b17e6a6b1c1c49bc85fcc58fe9fcc923aca00

Analysis

max time kernel
138s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
27/11/2022, 12:20

Target

c8bf894572e1c4de1beb4aaa2f3b17e6a6b1c1c49bc85fcc58fe9fcc923aca00.exe
Size

1.8MB
MD5

6f2d2f676e6bac09b2162d1c710b2b72
SHA1

327dd942a5adee91f8d91e97a5800579a74b2ba5
SHA256

c8bf894572e1c4de1beb4aaa2f3b17e6a6b1c1c49bc85fcc58fe9fcc923aca00
SHA512

0fdbb51ab31715aa9f6c6d3a16269e4096dc1f5987a41265fff1d9d03d750a14bb50420360b126231c94c0ab6f3010db7417d3ab408518b5724437f355756d9f
SSDEEP

49152:nvYgZ1gxA3HCLeS/kRQ3aiAfhjOEc+ptGEIJIb8:w7+3iGNGpO8

Score

3^/10

Program crash 4 IoCs

pid	pid_target	Process	procid_target
4240	4284	WerFault.exe	80
3980	4284	WerFault.exe	80
3472	4284	WerFault.exe	80
1256	4284	WerFault.exe	80

C:\Users\Admin\AppData\Local\Temp\c8bf894572e1c4de1beb4aaa2f3b17e6a6b1c1c49bc85fcc58fe9fcc923aca00.exe
"C:\Users\Admin\AppData\Local\Temp\c8bf894572e1c4de1beb4aaa2f3b17e6a6b1c1c49bc85fcc58fe9fcc923aca00.exe"
1⤵
PID:4284
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4284 -s 848
  2⤵
  - Program crash
  PID:4240
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4284 -s 868
  2⤵
  - Program crash
  PID:3980
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4284 -s 876
  2⤵
  - Program crash
  PID:3472
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4284 -s 856
  2⤵
  - Program crash
  PID:1256

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 432 -p 4284 -ip 4284
1⤵
PID:4248

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4284 -ip 4284
1⤵
PID:3324

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 484 -p 4284 -ip 4284
1⤵
PID:392

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 4284 -ip 4284
1⤵
PID:3584

memory/4284-132-0x0000000000400000-0x00000000005D1000-memory.dmp

Filesize
1.8MB

Download
memory/4284-133-0x0000000000400000-0x00000000005D1000-memory.dmp

Filesize
1.8MB

Download
memory/4284-134-0x0000000000400000-0x00000000005D1000-memory.dmp

Filesize
1.8MB

Download
memory/4284-135-0x0000000000400000-0x00000000005D1000-memory.dmp

Filesize
1.8MB

Download
memory/4284-136-0x0000000000400000-0x00000000005D1000-memory.dmp

Filesize
1.8MB

Download