dafd30917621f8bd8f2bb38e4f5cbdbde1913e802a607fae907d548345877bfa

Analysis

max time kernel
150s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
06-12-2022 10:42

Target

dafd30917621f8bd8f2bb38e4f5cbdbde1913e802a607fae907d548345877bfa.exe
Size

340KB
MD5

80b5f8856837eecc2e5de11a89708326
SHA1

75c934c318af9b5e86d3a505253a25d4b1a2a5c9
SHA256

dafd30917621f8bd8f2bb38e4f5cbdbde1913e802a607fae907d548345877bfa
SHA512

0c3c326a34f0f8ba441e7fdf5bb35a577f084135e5de7e8703d8445f25798b3d657d58ca2017cb56f96531de8f028df9020f7092b08d50492777e8c8f622b518
SSDEEP

6144:r7Cbe1g/q31zHCt/ypeYkmjwmR5FCd3rBoNUSd8pNIfDoWuEr/gPf:r7wdq3QoOmZS3doNUSmjk0

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
3844	3044	WerFault.exe	79

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3044	dafd30917621f8bd8f2bb38e4f5cbdbde1913e802a607fae907d548345877bfa.exe

C:\Users\Admin\AppData\Local\Temp\dafd30917621f8bd8f2bb38e4f5cbdbde1913e802a607fae907d548345877bfa.exe
"C:\Users\Admin\AppData\Local\Temp\dafd30917621f8bd8f2bb38e4f5cbdbde1913e802a607fae907d548345877bfa.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:3044
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 3044 -s 468
  2⤵
  - Program crash
  PID:3844

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 3044 -ip 3044
1⤵
PID:5068

memory/3044-132-0x0000000000400000-0x000000000048F000-memory.dmp

Filesize
572KB

Download
memory/3044-135-0x0000000000400000-0x000000000048F000-memory.dmp

Filesize
572KB

Download
memory/3044-136-0x0000000000400000-0x000000000048F000-memory.dmp

Filesize
572KB

Download