531fa98a2427f3e6fbe93716e815b6e0551afcc048b3d152c03a76cc30661803

Analysis

max time kernel
169s
max time network
172s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
03/12/2022, 07:37

Target

531fa98a2427f3e6fbe93716e815b6e0551afcc048b3d152c03a76cc30661803.exe
Size

82KB
MD5

d0da0a89ae96570e38689f5af5e5db9a
SHA1

d2f4eb69b93a11efb20a00642d7439a9e6694b1b
SHA256

531fa98a2427f3e6fbe93716e815b6e0551afcc048b3d152c03a76cc30661803
SHA512

9c0b4d106869bfe61ff58b095f832da70ac2c9c10cb7be2a5c36b4950b7d7fea64f05b961b744ee6e5e8ed65e0b78ed4c464abf2c3d166731c244347f668c60f
SSDEEP

1536:Jlc3u7F1e4zHvpad4WAwAEV5Q2yVgIXtA1IqDEbZWAz+Fqeyh0CjN+jQg:jsAzxad9DFxyGIe2UIZWS+5bCRg

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2108	4244	WerFault.exe	78

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
4244	531fa98a2427f3e6fbe93716e815b6e0551afcc048b3d152c03a76cc30661803.exe

C:\Users\Admin\AppData\Local\Temp\531fa98a2427f3e6fbe93716e815b6e0551afcc048b3d152c03a76cc30661803.exe
"C:\Users\Admin\AppData\Local\Temp\531fa98a2427f3e6fbe93716e815b6e0551afcc048b3d152c03a76cc30661803.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:4244
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4244 -s 644
  2⤵
  - Program crash
  PID:2108

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 460 -p 4244 -ip 4244
1⤵
PID:4280

memory/4244-133-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download
memory/4244-136-0x0000000000400000-0x000000000042F000-memory.dmp

Filesize
188KB

Download
memory/4244-137-0x0000000000400000-0x0000000000417000-memory.dmp

Filesize
92KB

Download