d9a132c7b8c2091d1d1c29d498f82882e126837aabe8479fe5ec4621809efb0d

Analysis

max time kernel
91s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20220812-en
resource tags

arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
submitted
16-02-2023 16:42

Target

3696-168-0x00000000007D0000-0x00000000007DE000-memory.exe
Size

56KB
MD5

1e4250f90481c387e0a5b207f4dbb772
SHA1

2a41fa89cfe04439f2b653b3c0d012fc676c71b7
SHA256

d9a132c7b8c2091d1d1c29d498f82882e126837aabe8479fe5ec4621809efb0d
SHA512

aa7c72d4e97cf400da8366468ffd150da26bd93f5aa7ca28f49223e543f46642a2a35ca5d6ba58f690461797c5e848b2a4bea856129fa74f1da099c3c4daab20
SSDEEP

768:lDK/c+BDoR4jInhpp55dWSlkiidEfUPJqBQPt04:l+/c+aR4jaDtmiuqURq

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

2092 3664 WerFault.exe 3696-168-0x00000000007D0000-0x00000000007DE000-memory.exe

pid	pid_target	process	target process
2092	3664	WerFault.exe	3696-168-0x00000000007D0000-0x00000000007DE000-memory.exe

C:\Users\Admin\AppData\Local\Temp\3696-168-0x00000000007D0000-0x00000000007DE000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\3696-168-0x00000000007D0000-0x00000000007DE000-memory.exe"
1⤵
PID:3664

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3664 -s 216
2⤵
- Program crash
PID:2092

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3664 -ip 3664
1⤵
PID:3692