dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed

Analysis

max time kernel
2s
max time network
72s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
06/12/2022, 12:58

Target

dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed.exe
Size

47KB
MD5

51de072cc1412d4836f861c442c5e682
SHA1

d00efdf4d7e2b09239fc13445324d38ef99ff747
SHA256

dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed
SHA512

da375b44c324ace38016b21bb056122a3200e3436ce177237bb999386d0d8bc064fe73bc6314393c714589cccd3b22f607006a3f34188b327110e4c520eb2e07
SSDEEP

768:tbMf/HKx9xO1vTUnsGLMDTfSMDP6elqzN4OKIOTsgxqw:ti/WnsQMnqM7KN4OVwsg0w

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
460	948	WerFault.exe	8

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 948 wrote to memory of 460	948	dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed.exe	28
PID 948 wrote to memory of 460	948	dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed.exe	28
PID 948 wrote to memory of 460	948	dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed.exe	28
PID 948 wrote to memory of 460	948	dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed.exe	28

C:\Users\Admin\AppData\Local\Temp\dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed.exe
"C:\Users\Admin\AppData\Local\Temp\dbfe33012accbbb322980de54aff9c255eb615449e0f16e1710dadf3d8df01ed.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:948
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 948 -s 88
  2⤵
  - Program crash
  PID:460