8bee5499256001c7efbdd2735976326599723541534ce318508fcb08c627ed3e

Analysis

max time kernel
91s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
13-02-2023 13:57

Target

1160-57-0x0000000000400000-0x0000000000560000-memory.exe
Size

1.4MB
MD5

2de5c09aaccfd0a8d405fcc6a535ce9c
SHA1

f42a454cde6297b1901b6cf89a2b2312d17cba82
SHA256

8bee5499256001c7efbdd2735976326599723541534ce318508fcb08c627ed3e
SHA512

13765a06c64249d5324cb41a5a761796a86fa32b4868150abf6ef40b17db66a5e52b0c7e4d3864f7e0607d808e337ce9909e7ed675c02f35cebd4be58890e5a5
SSDEEP

3072:KZ71ehH+KPo1QDLBKSWPa5jnBYP/P70zU+dTWJbIOeHEbV:K/IeduLASrBYT0zUHJcOeHE

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

1620 4696 WerFault.exe 1160-57-0x0000000000400000-0x0000000000560000-memory.exe

pid	pid_target	process	target process
1620	4696	WerFault.exe	1160-57-0x0000000000400000-0x0000000000560000-memory.exe

C:\Users\Admin\AppData\Local\Temp\1160-57-0x0000000000400000-0x0000000000560000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\1160-57-0x0000000000400000-0x0000000000560000-memory.exe"
1⤵
PID:4696

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4696 -s 220
2⤵
- Program crash
PID:1620

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 448 -p 4696 -ip 4696
1⤵
PID:2608

memory/4696-132-0x0000000000400000-0x0000000000407000-memory.dmp

Filesize
28KB

Download