5b3419ae552d690414c96c0c984bdc4236e4d8c33c2aad61b796ed9ba734a594

Analysis

max time kernel
31s
max time network
34s
platform
windows7_x64
resource
win7-20230220-es
resource tags

arch:x64arch:x86image:win7-20230220-eslocale:es-esos:windows7-x64systemwindows
submitted
25-03-2023 19:11

Target

Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe
Size

1.4MB
MD5

7f5ff592b91e28a827303ad81a381f35
SHA1

2f840eda2b3e0c409b3dbd00fcdc68565f861162
SHA256

5b3419ae552d690414c96c0c984bdc4236e4d8c33c2aad61b796ed9ba734a594
SHA512

311c86d47fbd7b2e078aa4c6d5d8a8c3feaabcceb360e56cf82c7e5a3c42107c1c9fbddfd1b9b7e602811869e881b82edf03a68ac3ae64061aafcb70db95cfe9
SSDEEP

24576:gHp+nUL+L8m657w6ZBLmkitKqBCjC0PDgM5A4woG4O:gH/yVV1BCjBkZ

Score

3^/10

Program crash 1 IoCs

Processes:

WerFault.exe

pid pid_target process target process

1204 1976 WerFault.exe Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe

pid	pid_target	process	target process
1204	1976	WerFault.exe	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe

Suspicious behavior: EnumeratesProcesses 3 IoCs

Processes:

Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe

pid	process
1976	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe
1976	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe
1976	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes:

Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe

description pid process

Token: SeDebugPrivilege 1976 Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe

description	pid	process
Token: SeDebugPrivilege	1976	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe

Suspicious use of WriteProcessMemory 4 IoCs

Processes:

Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe

description	pid	process	target process
PID 1976 wrote to memory of 1204	1976	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe	WerFault.exe
PID 1976 wrote to memory of 1204	1976	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe	WerFault.exe
PID 1976 wrote to memory of 1204	1976	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe	WerFault.exe
PID 1976 wrote to memory of 1204	1976	Descargue-Java-JDK-17-aqu-Hola-Browser-Setup-Inst-Agreed-C-Mmtdb2.exe	WerFault.exe

C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1976 -s 1260
2⤵
- Program crash
PID:1204

memory/1976-54-0x0000000000220000-0x0000000000388000-memory.dmp

Filesize
1.4MB

Download
memory/1976-55-0x0000000002060000-0x00000000020A0000-memory.dmp

Filesize
256KB

Download
memory/1976-56-0x0000000002060000-0x00000000020A0000-memory.dmp

Filesize
256KB

Download