e87be06c89d4ef30c7e4cd28c050e0d3bad925d401a3893af2b84842362fd192

Analysis

max time kernel
149s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
05/12/2022, 10:53

Target

e87be06c89d4ef30c7e4cd28c050e0d3bad925d401a3893af2b84842362fd192.exe
Size

96KB
MD5

3ed293117b68227ca96592986e175d02
SHA1

bb7ab65a89111e765a13f9dec4f05661a899bd4b
SHA256

e87be06c89d4ef30c7e4cd28c050e0d3bad925d401a3893af2b84842362fd192
SHA512

e594f5097baff1fa1e6f34a2dae6280453a707a308ffdc134b50aa7fd8932b76f445b35a341f665de09310ddd99fdb52ccdecc6cc964c60a004d26943bd1fec3
SSDEEP

1536:BBQBHHkf6cO/hOkGulSc16l6u+NMMl/KlYv1Tq5ThF/NIjnZxbT:Wnhblu8CFF/CnDbT

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
1004	4988	WerFault.exe	81

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4988	e87be06c89d4ef30c7e4cd28c050e0d3bad925d401a3893af2b84842362fd192.exe

C:\Users\Admin\AppData\Local\Temp\e87be06c89d4ef30c7e4cd28c050e0d3bad925d401a3893af2b84842362fd192.exe
"C:\Users\Admin\AppData\Local\Temp\e87be06c89d4ef30c7e4cd28c050e0d3bad925d401a3893af2b84842362fd192.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4988
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4988 -s 468
  2⤵
  - Program crash
  PID:1004

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 452 -p 4988 -ip 4988
1⤵
PID:1180