8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff

Analysis

max time kernel
41s
max time network
45s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
14/01/2023, 02:51

Target

8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff.exe
Size

4.9MB
MD5

96cd4a694121a5f7f74276f2bfedba8a
SHA1

04149a0010f082a940615f7d4654b53066f3e7dd
SHA256

8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff
SHA512

35c8bcf16f30b1662e8902ed5ea2bd60e706b52c663fd168c4fd22d629027e1e7e17b82ecec84f2e43620d5a6ef08ee5d251ab1494ef05f4f2872880027e733b
SSDEEP

98304:uxxSruAGbl51kDt/H9bieeN7AaZRdZDHLCh/OU6ws/NFigP:CSrk31Y1bdeNkaZR/nCh/OZX/NFbP

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
956	604	WerFault.exe	25

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 604 wrote to memory of 956	604	8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff.exe	26
PID 604 wrote to memory of 956	604	8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff.exe	26
PID 604 wrote to memory of 956	604	8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff.exe	26
PID 604 wrote to memory of 956	604	8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff.exe	26

C:\Users\Admin\AppData\Local\Temp\8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff.exe
"C:\Users\Admin\AppData\Local\Temp\8c53d4433f8a4eecc02f4b38df5653320dd76935abe428593f2d5c49877b7bff.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:604
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 604 -s 212
  2⤵
  - Program crash
  PID:956

memory/604-54-0x0000000075F81000-0x0000000075F83000-memory.dmp

Filesize
8KB

Download
memory/604-55-0x0000000000400000-0x00000000010E3000-memory.dmp

Filesize
12.9MB

Download
memory/604-56-0x0000000000400000-0x00000000010E3000-memory.dmp

Filesize
12.9MB

Download
memory/604-60-0x0000000000400000-0x00000000010E3000-memory.dmp

Filesize
12.9MB

Download