fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47

Analysis

max time kernel
53s
max time network
34s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
03-12-2022 22:56

Target

fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47.exe
Size

36KB
MD5

21dc6cbefc75c3e3723fc045ed5d0c54
SHA1

2dd1345c6323f83a4a8fd48aedd2ecdc10b44ca5
SHA256

fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47
SHA512

8333aaaf54321b1061747f27073e98b55b75437fc997adc8c4532c4a1e921def40a86ca34b4250b6ba94b7c55c679d38a4589f88ec08b1bb8cc8ec065f6f0f9e
SSDEEP

768:YdgPUhph+Xt/ZNJEA9D9vBnEeSeV7RtEt117e1Ra0WobqbE1R:CgPIERCA1NBVlR+7uI0tWo1

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
900	520	WerFault.exe	27

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 520 wrote to memory of 900	520	fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47.exe	28
PID 520 wrote to memory of 900	520	fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47.exe	28
PID 520 wrote to memory of 900	520	fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47.exe	28
PID 520 wrote to memory of 900	520	fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47.exe	28

C:\Users\Admin\AppData\Local\Temp\fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47.exe
"C:\Users\Admin\AppData\Local\Temp\fd66d41d7342552fade205ac350ba2f09d4e9bb4e2be5bc5c8b5639a48993d47.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:520
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 520 -s 148
  2⤵
  - Program crash
  PID:900