013a3110f4980097af0dd1a091181565b1b2ea29ead9fe960fc0c38358278d82

Analysis

max time kernel
151s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
09-02-2023 05:40

Target

013a3110f4980097af0dd1a091181565b1b2ea29ead9fe960fc0c38358278d82.exe
Size

5.0MB
MD5

d85977e42b3104b4f170d38d205fa245
SHA1

f8c9a471cb588af86fe7df261fde4fb7e23fec0d
SHA256

013a3110f4980097af0dd1a091181565b1b2ea29ead9fe960fc0c38358278d82
SHA512

34df13c448374690aa8e5001b398c16c6be26d782fe31dc8bb1e14baacb395770ef8207a9512c87c4e6c84e37987c91228cd08e7f1e5c604cbe889788133cfef
SSDEEP

98304:IzoGZR6vxb0pbLnVcDtZmIwMFFpqqq4V1sdSHNl0H/MqzDpNhHiA8aQpnZS2c:I0VpIFcxZ53qqq+sdUl69NdiApiE2

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

3396 4896 WerFault.exe 013a3110f4980097af0dd1a091181565b1b2ea29ead9fe960fc0c38358278d82.exe

pid	pid_target	process	target process
3396	4896	WerFault.exe	013a3110f4980097af0dd1a091181565b1b2ea29ead9fe960fc0c38358278d82.exe

Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

013a3110f4980097af0dd1a091181565b1b2ea29ead9fe960fc0c38358278d82.exe

C:\Users\Admin\AppData\Local\Temp\013a3110f4980097af0dd1a091181565b1b2ea29ead9fe960fc0c38358278d82.exe
"C:\Users\Admin\AppData\Local\Temp\013a3110f4980097af0dd1a091181565b1b2ea29ead9fe960fc0c38358278d82.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4896

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4896 -s 1172
2⤵
- Program crash
PID:3396

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 4896 -ip 4896
1⤵
PID:3344