8e10c155540f98de8f5491a86b5ad9e8bb72b8076b552cd70b4f76761137d134

Analysis

max time kernel
72s
max time network
98s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
02/02/2023, 02:34

Target

8e10c155540f98de8f5491a86b5ad9e8bb72b8076b552cd70b4f76761137d134.exe
Size

5.1MB
MD5

2a7498bee8117fead5085636655c1669
SHA1

33964e3b0ff3002778f1488bcedd10d1dcb84d08
SHA256

8e10c155540f98de8f5491a86b5ad9e8bb72b8076b552cd70b4f76761137d134
SHA512

af2d64129923c54f11570d8af932ce7766dc419badb3d58ea254059f5ed5d018595c195cb864146ccbd72d3eade1e0deed2ef61c1c38de548f875394276a3813
SSDEEP

98304:gmwDRRTdpRTWTHTHQZvqRRTdpRTWTHTp:gPDRRTdpRTWTHTH+vqRRTdpRTWTHTp

Score

3^/10

Program crash 1 IoCs

pid	pid_target	Process	procid_target
2000	4400	WerFault.exe	82

Suspicious use of SetWindowsHookEx 4 IoCs

C:\Users\Admin\AppData\Local\Temp\8e10c155540f98de8f5491a86b5ad9e8bb72b8076b552cd70b4f76761137d134.exe
"C:\Users\Admin\AppData\Local\Temp\8e10c155540f98de8f5491a86b5ad9e8bb72b8076b552cd70b4f76761137d134.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4400
- C:\Windows\SysWOW64\WerFault.exe
  C:\Windows\SysWOW64\WerFault.exe -u -p 4400 -s 828
  2⤵
  - Program crash
  PID:2000

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4400 -ip 4400
1⤵
PID:1484

memory/4400-132-0x0000000000400000-0x0000000000929000-memory.dmp

Filesize
5.2MB

Download
memory/4400-133-0x0000000000400000-0x0000000000929000-memory.dmp

Filesize
5.2MB

Download