96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e

Analysis

max time kernel
38s
max time network
46s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
02/12/2022, 00:04

Target

96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e.exe
Size

156KB
MD5

750089c89f19a8d94459c6b11440adc9
SHA1

8eef114245518f24bce2f4c8ad2e3d87985c68a4
SHA256

96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e
SHA512

ba08bc48b2e87590f14629b763c846fe79e9e15f179eb52330df6e408982e28d34c7171deebe9023a8f3c4e86fb2c9a9b2452b04571290f55ee2ba1ce60ce742
SSDEEP

3072:a8VmuOK9IOJeC+3Ip4CFbgjZcJygNqHVbwvVTSIs04oQZiEiiRp:3VmPK9psIp44bgjZQwVoT2QWb

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1956	456	WerFault.exe	21

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
456	96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 456 wrote to memory of 1956	456	96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e.exe	28
PID 456 wrote to memory of 1956	456	96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e.exe	28
PID 456 wrote to memory of 1956	456	96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e.exe	28
PID 456 wrote to memory of 1956	456	96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e.exe	28

C:\Users\Admin\AppData\Local\Temp\96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e.exe
"C:\Users\Admin\AppData\Local\Temp\96ec1a737b1fc482947e0fac78972151a08bb7cae2adc164f7947402e181e54e.exe"
1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:456
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 456 -s 188
  2⤵
  - Program crash
  PID:1956